CVE-2014-3474

URI: https://gptkb.org/entity/CVE-2014-3474

GPTKB entity

Statements (57)

Predicate	Object
gptkbp:instance_of	gptkb:vulnerability
gptkbp:access_privileges	None.
gptkbp:affected_platforms	Linux, Windows.
gptkbp:attack_complexity	Low.
gptkbp:broadcasts	Open SSL team.
gptkbp:cve_id	CVE-2014-3474.
gptkbp:cvss_access_complexity	Low.
gptkbp:cvss_access_vector	Network.
gptkbp:cvss_authentication	None.
gptkbp:cvss_availability_impact	Partial.
gptkbp:cvss_base_score	5.0.
gptkbp:cvss_confidentiality_impact	None.
gptkbp:cvss_environmental	3.0.
gptkbp:cvss_environmental_score	3.0.
gptkbp:cvss_exploitability	3.
gptkbp:cvss_impact	2.
gptkbp:cvss_integrity_impact	None.
gptkbp:cvss_severity	Medium.
gptkbp:cvss_temporal	4.0.
gptkbp:cvss_temporal_score	4.0.
gptkbp:cvss_vector	AV: N/ AC: L/ Au: N/ C: N/ I: N/ A: P.
gptkbp:cwe_id	CWE-119.
gptkbp:date	2014-07-09.
gptkbp:description	A vulnerability in the Open SSL library.
gptkbp:difficulty_levels	gptkb:High
gptkbp:discovery	Public.
gptkbp:distributor	Open SSL Software Foundation.
gptkbp:exploit_availability	Public.
gptkbp:exploitability_metric	3.
gptkbp:first_published	2014-07-09 2014-07-09.
gptkbp:fix	Patch released.
gptkbp:has_enemies	Network.
https://www.w3.org/2000/01/rdf-schema#label	CVE-2014-3474
gptkbp:human_interaction	None.
gptkbp:impact	Potential crash of the application. Allows remote attackers to cause a denial of service.
gptkbp:impact_metric	2.
gptkbp:is_a_solution_for	Upgrade to Open SSL 1.0.1h or 1.0.2.
gptkbp:is_referenced_in	https://www.openssl.org/news/secadv_20140709.txt
gptkbp:is_vulnerable_to	Yes. 3.9. Buffer overflow. Exploitable.
gptkbp:latest_version	1.0.1 through 1.0.1g.
gptkbp:provides_support_for	Open SSL 1.0.1 and 1.0.2.
gptkbp:publication_year	2014-07-09
gptkbp:remediation_level	Official fix.
gptkbp:reports_to	2014-07-09. NVD.
gptkbp:score	5.0.
gptkbp:status	Resolved.
gptkbp:type	Denial of Service.
gptkbp:vector	Remote.
gptkbp:vulnerability_class	Security.
gptkbp:vulnerability_source	Open SSL.
gptkbp:vulnerability_status	Patched.