CVE-2014-2897

CVE-2014-2897

The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read.

Source: CVE-2014-2897

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다