CPE Details
HP Icewall Sso 10.0 Patch 9 Certd Edition
10.0
2022-07-13
14h36 +00:00
14h36 +00:00
2022-12-01
18h37 +00:00
18h37 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:hp:icewall_sso:10.0:p9:*:*:certd:*:*:*
Informations
Vendor
hpProduct
icewall_ssoVersion
10.0Update
p9Software Edition
certdRelated CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection. | 9.1 |
Critique |
||
| The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. | 5.9 |
Moyen |
||
| The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. | 9.8 |
Critique |
||
| OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. | 9.8 |
Critique |
||
| ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message. | 4.3 |
2025©
tesweb SA
