CVE-2013-1621
EUVD-2013-165608.02.2013, 19:55
Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| polarssl | polarssl | 𝑥 ≤ 1.2.4 |
| polarssl | polarssl | 0.10.0 |
| polarssl | polarssl | 0.10.1 |
| polarssl | polarssl | 0.11.0 |
| polarssl | polarssl | 0.11.1 |
| polarssl | polarssl | 0.12.0 |
| polarssl | polarssl | 0.12.1 |
| polarssl | polarssl | 0.13.1 |
| polarssl | polarssl | 0.14.0 |
| polarssl | polarssl | 0.14.2 |
| polarssl | polarssl | 0.14.3 |
| polarssl | polarssl | 0.99:pre1 |
| polarssl | polarssl | 0.99:pre3 |
| polarssl | polarssl | 0.99:pre4 |
| polarssl | polarssl | 0.99:pre5 |
| polarssl | polarssl | 1.0.0 |
| polarssl | polarssl | 1.1.0 |
| polarssl | polarssl | 1.1.0:rc0 |
| polarssl | polarssl | 1.1.0:rc1 |
| polarssl | polarssl | 1.1.1 |
| polarssl | polarssl | 1.1.2 |
| polarssl | polarssl | 1.1.3 |
| polarssl | polarssl | 1.1.4 |
| polarssl | polarssl | 1.1.5 |
| polarssl | polarssl | 1.2.0 |
| polarssl | polarssl | 1.2.1 |
| polarssl | polarssl | 1.2.2 |
| polarssl | polarssl | 1.2.3 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| mbedtls |
| ||||||||||||||||||||||||||||
| polarssl |
|
Common Weakness Enumeration
References