4.0
MEDIUM
CVE-2010-5298
OpenSSL SSL Race Condition Denial of Service
Description

Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.

INFO

Published Date :

April 14, 2014, 10:38 p.m.

Last Modified :

Aug. 29, 2022, 8:53 p.m.

Remotely Exploitable :

Yes !

Impact Score :

4.9

Exploitability Score :

4.9
Public PoC/Exploit Available at Github

CVE-2010-5298 has a 4 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2010-5298 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Suse linux_enterprise_server
2 Suse linux_enterprise_desktop
3 Suse linux_enterprise_software_development_kit
4 Suse linux_enterprise_workstation_extension
1 Fedoraproject fedora
1 Mariadb mariadb
1 Openssl openssl
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2010-5298.

URL Resource
http://advisories.mageia.org/MGASA-2014-0187.html Third Party Advisory
http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig Patch Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 Permissions Required
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140389274407904&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140389355508263&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140431828824371&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140448122410568&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140544599631400&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140621259019789&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140752315422991&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140904544427729&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141658880509699&w=2 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2014/04/13/1 Mailing List Patch
http://seclists.org/fulldisclosure/2014/Dec/23 Mailing List Third Party Advisory
http://secunia.com/advisories/58337 Not Applicable
http://secunia.com/advisories/58713 Not Applicable
http://secunia.com/advisories/58939 Not Applicable
http://secunia.com/advisories/58977 Not Applicable
http://secunia.com/advisories/59162 Not Applicable
http://secunia.com/advisories/59287 Not Applicable
http://secunia.com/advisories/59300 Not Applicable
http://secunia.com/advisories/59301 Not Applicable
http://secunia.com/advisories/59342 Not Applicable
http://secunia.com/advisories/59413 Not Applicable
http://secunia.com/advisories/59437 Not Applicable
http://secunia.com/advisories/59438 Not Applicable
http://secunia.com/advisories/59440 Not Applicable
http://secunia.com/advisories/59450 Not Applicable
http://secunia.com/advisories/59490 Not Applicable
http://secunia.com/advisories/59655 Not Applicable
http://secunia.com/advisories/59666 Not Applicable
http://secunia.com/advisories/59669 Not Applicable
http://secunia.com/advisories/59721 Not Applicable
http://security.gentoo.org/glsa/glsa-201407-05.xml Third Party Advisory
http://support.citrix.com/article/CTX140876 Third Party Advisory
http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup Broken Link
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21673137 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676035 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676062 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676419 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676529 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676655 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676879 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676889 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21677527 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21677695 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677828 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677836 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21678167 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21683332 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 Broken Link
http://www.blackberry.com/btsc/KB36051 Broken Link
http://www.fortiguard.com/advisory/FG-IR-14-018/ Third Party Advisory
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg21676356 Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg24037783 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2014:090 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 Broken Link
http://www.openbsd.org/errata55.html#004_openssl Third Party Advisory
http://www.openssl.org/news/secadv_20140605.txt Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Third Party Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/66801 Third Party Advisory VDB Entry
http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0006.html Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0012.html Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 Third Party Advisory
https://kb.bluecoat.com/index?page=content&id=SA80 Broken Link
https://kc.mcafee.com/corporate/index?page=content&id=SB10075 Broken Link
https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest Broken Link
https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest Broken Link
https://www.novell.com/support/kb/doc.php?id=7015271 Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

None

Updated: 3 weeks ago
0 stars 0 fork 0 watcher
Born at : Oct. 19, 2024, 7:04 p.m. This repo has been linked 146 different CVEs too.

None

C++ C Batchfile Perl DIGITAL Command Language Shell Makefile Assembly XS M4

Updated: 1 year ago
0 stars 0 fork 0 watcher
Born at : Nov. 2, 2023, 5:56 a.m. This repo has been linked 1 different CVEs too.

None

Updated: 2 months ago
5 stars 0 fork 0 watcher
Born at : Feb. 23, 2023, 5:42 a.m. This repo has been linked 455 different CVEs too.

Fast IP Lookups for Open Ports and Vulnerabilities

r rstats shodan shodan-api

R

Updated: 5 months, 1 week ago
3 stars 1 fork 1 watcher
Born at : June 20, 2022, 1:53 p.m. This repo has been linked 50 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2010-5298 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2010-5298 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    Aug. 29, 2022

    Action Type Old Value New Value
    Changed Reference Type http://advisories.mageia.org/MGASA-2014-0187.html No Types Assigned http://advisories.mageia.org/MGASA-2014-0187.html Third Party Advisory
    Changed Reference Type http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig No Types Assigned http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig Patch, Third Party Advisory
    Changed Reference Type http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 No Types Assigned http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 Third Party Advisory
    Changed Reference Type http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 No Types Assigned http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 Permissions Required
    Changed Reference Type http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html No Types Assigned http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html No Types Assigned http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140389274407904&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140389274407904&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140389355508263&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140389355508263&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140431828824371&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140431828824371&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140448122410568&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140448122410568&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140544599631400&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140544599631400&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140621259019789&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140621259019789&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140752315422991&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140752315422991&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140904544427729&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140904544427729&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=141658880509699&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=141658880509699&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://openwall.com/lists/oss-security/2014/04/13/1 Patch http://openwall.com/lists/oss-security/2014/04/13/1 Mailing List, Patch
    Changed Reference Type http://seclists.org/fulldisclosure/2014/Dec/23 No Types Assigned http://seclists.org/fulldisclosure/2014/Dec/23 Mailing List, Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/58337 No Types Assigned http://secunia.com/advisories/58337 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58713 No Types Assigned http://secunia.com/advisories/58713 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58939 No Types Assigned http://secunia.com/advisories/58939 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58977 No Types Assigned http://secunia.com/advisories/58977 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59162 No Types Assigned http://secunia.com/advisories/59162 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59287 No Types Assigned http://secunia.com/advisories/59287 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59300 No Types Assigned http://secunia.com/advisories/59300 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59301 No Types Assigned http://secunia.com/advisories/59301 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59342 No Types Assigned http://secunia.com/advisories/59342 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59413 No Types Assigned http://secunia.com/advisories/59413 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59437 No Types Assigned http://secunia.com/advisories/59437 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59438 No Types Assigned http://secunia.com/advisories/59438 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59440 No Types Assigned http://secunia.com/advisories/59440 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59450 No Types Assigned http://secunia.com/advisories/59450 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59490 No Types Assigned http://secunia.com/advisories/59490 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59655 No Types Assigned http://secunia.com/advisories/59655 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59666 No Types Assigned http://secunia.com/advisories/59666 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59669 No Types Assigned http://secunia.com/advisories/59669 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59721 No Types Assigned http://secunia.com/advisories/59721 Not Applicable
    Changed Reference Type http://security.gentoo.org/glsa/glsa-201407-05.xml No Types Assigned http://security.gentoo.org/glsa/glsa-201407-05.xml Third Party Advisory
    Changed Reference Type http://support.citrix.com/article/CTX140876 No Types Assigned http://support.citrix.com/article/CTX140876 Third Party Advisory
    Changed Reference Type http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup No Types Assigned http://svnweb.freebsd.org/ports/head/security/openssl/files/patch-ssl-s3_pkt.c?revision=351191&view=markup Broken Link
    Changed Reference Type http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl No Types Assigned http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl Third Party Advisory
    Changed Reference Type http://www.blackberry.com/btsc/KB36051 No Types Assigned http://www.blackberry.com/btsc/KB36051 Broken Link
    Changed Reference Type http://www.fortiguard.com/advisory/FG-IR-14-018/ No Types Assigned http://www.fortiguard.com/advisory/FG-IR-14-018/ Third Party Advisory
    Changed Reference Type http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm No Types Assigned http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm Third Party Advisory
    Changed Reference Type http://www.ibm.com/support/docview.wss?uid=swg21676356 No Types Assigned http://www.ibm.com/support/docview.wss?uid=swg21676356 Third Party Advisory
    Changed Reference Type http://www.ibm.com/support/docview.wss?uid=swg24037783 No Types Assigned http://www.ibm.com/support/docview.wss?uid=swg24037783 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2014:090 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2014:090 Broken Link
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 Broken Link
    Changed Reference Type http://www.openbsd.org/errata55.html#004_openssl No Types Assigned http://www.openbsd.org/errata55.html#004_openssl Third Party Advisory
    Changed Reference Type http://www.openssl.org/news/secadv_20140605.txt No Types Assigned http://www.openssl.org/news/secadv_20140605.txt Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Third Party Advisory
    Changed Reference Type http://www.securityfocus.com/archive/1/534161/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/534161/100/0/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/bid/66801 No Types Assigned http://www.securityfocus.com/bid/66801 Third Party Advisory, VDB Entry
    Changed Reference Type http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse No Types Assigned http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse Third Party Advisory
    Changed Reference Type http://www.vmware.com/security/advisories/VMSA-2014-0006.html No Types Assigned http://www.vmware.com/security/advisories/VMSA-2014-0006.html Third Party Advisory
    Changed Reference Type http://www.vmware.com/security/advisories/VMSA-2014-0012.html No Types Assigned http://www.vmware.com/security/advisories/VMSA-2014-0012.html Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21673137 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21673137 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676035 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676035 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676062 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676062 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676419 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676419 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676529 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676529 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676655 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676655 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676879 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676879 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676889 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676889 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21677527 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21677527 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21677695 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21677695 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21677828 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21677828 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21677836 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21677836 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21678167 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21678167 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21683332 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21683332 Third Party Advisory
    Changed Reference Type http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 No Types Assigned http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 Broken Link
    Changed Reference Type http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 No Types Assigned http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 Broken Link
    Changed Reference Type http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 No Types Assigned http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 Broken Link
    Changed Reference Type http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 No Types Assigned http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 Broken Link
    Changed Reference Type https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 No Types Assigned https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 Third Party Advisory
    Changed Reference Type https://kb.bluecoat.com/index?page=content&id=SA80 No Types Assigned https://kb.bluecoat.com/index?page=content&id=SA80 Broken Link
    Changed Reference Type https://kc.mcafee.com/corporate/index?page=content&id=SB10075 No Types Assigned https://kc.mcafee.com/corporate/index?page=content&id=SB10075 Broken Link
    Changed Reference Type https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest No Types Assigned https://rt.openssl.org/Ticket/Display.html?id=2167&user=guest&pass=guest Broken Link
    Changed Reference Type https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest No Types Assigned https://rt.openssl.org/Ticket/Display.html?id=3265&user=guest&pass=guest Broken Link
    Changed Reference Type https://www.novell.com/support/kb/doc.php?id=7015271 No Types Assigned https://www.novell.com/support/kb/doc.php?id=7015271 Third Party Advisory
    Changed CPE Configuration OR *cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to (including) 1.0.1g OR *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions up to (including) 1.0.1g
    Added CPE Configuration OR *cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* versions from (including) 10.0.0 up to (excluding) 10.0.13
    Added CPE Configuration OR *cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:* *cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Oct. 10, 2018

    Action Type Old Value New Value
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/534161/100/0/threaded [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 15, 2017

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html [No Types Assigned]
  • Modified Analysis by [email protected]

    Jan. 26, 2017

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Jan. 26, 2017

    Action Type Old Value New Value
    Removed Reference https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 07, 2017

    Action Type Old Value New Value
    Added Reference https://www.novell.com/support/kb/doc.php?id=7015271 [No Types Assigned]
    Added Reference https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 [No Types Assigned]
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 [No Types Assigned]
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 [No Types Assigned]
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 [No Types Assigned]
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21683332 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21677836 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21676889 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21676879 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21676529 [No Types Assigned]
    Added Reference http://www.vmware.com/security/advisories/VMSA-2014-0006.html [No Types Assigned]
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2014:090 [No Types Assigned]
    Added Reference http://www.ibm.com/support/docview.wss?uid=swg24037783 [No Types Assigned]
    Added Reference http://www.ibm.com/support/docview.wss?uid=swg21676356 [No Types Assigned]
    Added Reference http://support.citrix.com/article/CTX140876 [No Types Assigned]
    Added Reference http://security.gentoo.org/glsa/glsa-201407-05.xml [No Types Assigned]
    Added Reference http://secunia.com/advisories/59440 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59437 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59287 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58977 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58713 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58337 [No Types Assigned]
    Added Reference http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html [No Types Assigned]
    Added Reference http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html [No Types Assigned]
    Added Reference http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 [No Types Assigned]
    Added Reference http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 [No Types Assigned]
    Added Reference http://advisories.mageia.org/MGASA-2014-0187.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 03, 2017

    Action Type Old Value New Value
    Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 12, 2016

    Action Type Old Value New Value
    Added Reference https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946
  • CVE Modified by [email protected]

    Aug. 23, 2016

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=140431828824371&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141658880509699&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140448122410568&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140621259019789&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140544599631400&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140389274407904&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140904544427729&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140389355508263&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140752315422991&w=2
  • CVE Modified by [email protected]

    Jun. 17, 2016

    Action Type Old Value New Value
    Removed Reference http://seclists.org/fulldisclosure/2015/Apr/5
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded
    Removed Reference http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html
  • CVE Modified by [email protected]

    Apr. 15, 2015

    Action Type Old Value New Value
    Added Reference http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html
    Added Reference http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded
    Added Reference http://seclists.org/fulldisclosure/2015/Apr/5
  • CVE Modified by [email protected]

    Apr. 01, 2015

    Action Type Old Value New Value
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
  • CVE Modified by [email protected]

    Jan. 22, 2015

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
  • CVE Modified by [email protected]

    Dec. 12, 2014

    Action Type Old Value New Value
    Added Reference http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded
    Added Reference http://www.vmware.com/security/advisories/VMSA-2014-0012.html
    Added Reference http://seclists.org/fulldisclosure/2014/Dec/23
  • Initial Analysis by [email protected]

    Apr. 15, 2014

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2010-5298 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2010-5298 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

2.90 }} -9.56%

score

0.90712

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability