OpenSSL - 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption

Author: Georgi Guninski
type: dos
platform: linux
port: 
date_added: 2010-08-07  
date_updated: 2014-08-28  
verified: 1  
codes: CVE-2010-2939;OSVDB-66946  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 34427.txt  

source: https://www.securityfocus.com/bid/42306/info

OpenSSL is prone to a remote memory-corruption vulnerability.

Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the application using the vulnerable library. Failed exploit attempts will result in a denial-of-service condition.

The issue affects OpenSSL 1.0.0a; other versions may also be affected.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34427.zip