CVE-2014-3470


Severity : Medium
Published : 2014-06-05
Modified : 2015-04-14
Base Score : 4.3
Details : The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
Product/Version :  
Per: http://cwe.mitre.org/data/definitions/476.html  
 
"CWE-476: NULL Pointer Dereference"  
 
 
Carrier Grade CGE 7.0  
Pro 5.0  
Carrier Grade CGE 6.0  
Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
CGE 5.x  
Mobilinux 5.x  
 
 
 

CVE Vulnerabilities List CVE-2014

CVE-2014-0015 CVE-2014-0076 CVE-2014-0092 CVE-2014-0138
CVE-2014-0191 CVE-2014-0195 CVE-2014-0198 CVE-2014-0203
CVE-2014-0221 CVE-2014-0224 CVE-2014-0475 CVE-2014-1444
CVE-2014-1445 CVE-2014-1446 CVE-2014-1737 CVE-2014-1738
CVE-2014-1874 CVE-2014-2532 CVE-2014-3466 CVE-2014-3467
CVE-2014-3468 CVE-2014-3469 CVE-2014-3470 CVE-2014-3505
CVE-2014-3506 CVE-2014-3508 CVE-2014-3510 CVE-2014-3537
CVE-2014-3565 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568
CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572
CVE-2014-4043 CVE-2014-4699 CVE-2014-4877 CVE-2014-5119
CVE-2014-6040 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278
CVE-2014-7169 CVE-2014-7185 CVE-2014-7186 CVE-2014-7187
CVE-2014-7817 CVE-2014-8121 CVE-2014-8176 CVE-2014-8275
CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9297
CVE-2014-9298 CVE-2014-9447 CVE-2014-9529