4.3
MEDIUM
CVE-2014-0198
OpenSSL DoS NULL Pointer Dereference in SSL3 Write
Description

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.

INFO

Published Date :

May 6, 2014, 10:44 a.m.

Last Modified :

Aug. 29, 2022, 8:50 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

2.9

Exploitability Score :

8.6
Public PoC/Exploit Available at Github

CVE-2014-0198 has a 2 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2014-0198 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Suse linux_enterprise_server
2 Suse linux_enterprise_desktop
3 Suse linux_enterprise_software_development_kit
4 Suse linux_enterprise_workstation_extension
1 Fedoraproject fedora
1 Debian debian_linux
1 Mariadb mariadb
1 Openssl openssl
1 Opensuse opensuse
: Total Affected Vendor : 6 | Products : 9
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2014-0198.

URL Resource
http://advisories.mageia.org/MGASA-2014-0204.html Third Party Advisory
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140389274407904&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140389355508263&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140431828824371&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140448122410568&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140544599631400&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140621259019789&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140752315422991&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140904544427729&w=2 Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=141658880509699&w=2 Mailing List Third Party Advisory
http://puppetlabs.com/security/cve/cve-2014-0198 Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23 Mailing List Third Party Advisory
http://secunia.com/advisories/58337 Not Applicable
http://secunia.com/advisories/58667 Not Applicable
http://secunia.com/advisories/58713 Not Applicable
http://secunia.com/advisories/58714 Not Applicable
http://secunia.com/advisories/58939 Not Applicable
http://secunia.com/advisories/58945 Not Applicable
http://secunia.com/advisories/58977 Not Applicable
http://secunia.com/advisories/59126 Not Applicable
http://secunia.com/advisories/59162 Not Applicable
http://secunia.com/advisories/59163 Not Applicable
http://secunia.com/advisories/59190 Not Applicable
http://secunia.com/advisories/59202 Not Applicable
http://secunia.com/advisories/59264 Not Applicable
http://secunia.com/advisories/59282 Not Applicable
http://secunia.com/advisories/59284 Not Applicable
http://secunia.com/advisories/59287 Not Applicable
http://secunia.com/advisories/59300 Not Applicable
http://secunia.com/advisories/59301 Not Applicable
http://secunia.com/advisories/59306 Not Applicable
http://secunia.com/advisories/59310 Not Applicable
http://secunia.com/advisories/59342 Not Applicable
http://secunia.com/advisories/59374 Not Applicable
http://secunia.com/advisories/59398 Not Applicable
http://secunia.com/advisories/59413 Not Applicable
http://secunia.com/advisories/59437 Not Applicable
http://secunia.com/advisories/59438 Not Applicable
http://secunia.com/advisories/59440 Not Applicable
http://secunia.com/advisories/59449 Not Applicable
http://secunia.com/advisories/59450 Not Applicable
http://secunia.com/advisories/59490 Not Applicable
http://secunia.com/advisories/59491 Not Applicable
http://secunia.com/advisories/59514 Not Applicable
http://secunia.com/advisories/59525 Not Applicable
http://secunia.com/advisories/59529 Not Applicable
http://secunia.com/advisories/59655 Not Applicable
http://secunia.com/advisories/59666 Not Applicable
http://secunia.com/advisories/59669 Not Applicable
http://secunia.com/advisories/59721 Not Applicable
http://secunia.com/advisories/59784 Not Applicable
http://secunia.com/advisories/59990 Not Applicable
http://secunia.com/advisories/60049 Not Applicable
http://secunia.com/advisories/60066 Not Applicable
http://secunia.com/advisories/60571 Not Applicable
http://secunia.com/advisories/61254 Not Applicable
http://security.gentoo.org/glsa/glsa-201407-05.xml Third Party Advisory
http://support.citrix.com/article/CTX140876 Third Party Advisory
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21673137 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676035 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676062 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676419 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676529 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676655 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676879 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676889 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21677527 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21677695 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677828 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677836 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21678167 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21683332 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 Broken Link
http://www.blackberry.com/btsc/KB36051 Third Party Advisory
http://www.debian.org/security/2014/dsa-2931 Third Party Advisory
http://www.fortiguard.com/advisory/FG-IR-14-018/ Third Party Advisory
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg21676356 Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg24037783 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2014:080 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 Broken Link
http://www.openbsd.org/errata55.html#005_openssl Third Party Advisory
http://www.openssl.org/news/secadv_20140605.txt Vendor Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Third Party Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/67193 Third Party Advisory VDB Entry
http://www.vmware.com/security/advisories/VMSA-2014-0006.html Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0012.html Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1093837 Issue Tracking Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 Third Party Advisory
https://kb.bluecoat.com/index?page=content&id=SA80 Broken Link
https://kc.mcafee.com/corporate/index?page=content&id=SB10075 Broken Link
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 Broken Link
https://www.novell.com/support/kb/doc.php?id=7015271 Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
Samaritin/OSINT

None

Updated: 1 month ago
0 stars 0 fork 0 watcher
Born at : Oct. 19, 2024, 7:04 p.m. This repo has been linked 146 different CVEs too.
Profile Photo
chnzzh/OpenSSL-CVE-lib

None

Updated: 2 months, 2 weeks ago
5 stars 0 fork 0 watcher
Born at : Feb. 23, 2023, 5:42 a.m. This repo has been linked 455 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2014-0198 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2014-0198 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    Aug. 29, 2022

    Action Type Old Value New Value
    Removed Evaluator Description <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
    Changed Reference Type http://advisories.mageia.org/MGASA-2014-0204.html No Types Assigned http://advisories.mageia.org/MGASA-2014-0204.html Third Party Advisory
    Changed Reference Type http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc No Types Assigned http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc Third Party Advisory
    Changed Reference Type http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 No Types Assigned http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 Third Party Advisory
    Changed Reference Type http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 No Types Assigned http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 Third Party Advisory
    Changed Reference Type http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html No Types Assigned http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html No Types Assigned http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html No Types Assigned http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html Mailing List, Third Party Advisory
    Changed Reference Type http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html No Types Assigned http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140389274407904&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140389274407904&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140389355508263&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140389355508263&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140431828824371&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140431828824371&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140448122410568&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140448122410568&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140544599631400&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140544599631400&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140621259019789&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140621259019789&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140752315422991&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140752315422991&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=140904544427729&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=140904544427729&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://marc.info/?l=bugtraq&m=141658880509699&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=141658880509699&w=2 Mailing List, Third Party Advisory
    Changed Reference Type http://puppetlabs.com/security/cve/cve-2014-0198 No Types Assigned http://puppetlabs.com/security/cve/cve-2014-0198 Third Party Advisory
    Changed Reference Type http://seclists.org/fulldisclosure/2014/Dec/23 No Types Assigned http://seclists.org/fulldisclosure/2014/Dec/23 Mailing List, Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/58337 No Types Assigned http://secunia.com/advisories/58337 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58667 No Types Assigned http://secunia.com/advisories/58667 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58713 No Types Assigned http://secunia.com/advisories/58713 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58714 No Types Assigned http://secunia.com/advisories/58714 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58939 No Types Assigned http://secunia.com/advisories/58939 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58945 No Types Assigned http://secunia.com/advisories/58945 Not Applicable
    Changed Reference Type http://secunia.com/advisories/58977 No Types Assigned http://secunia.com/advisories/58977 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59126 No Types Assigned http://secunia.com/advisories/59126 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59162 No Types Assigned http://secunia.com/advisories/59162 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59163 No Types Assigned http://secunia.com/advisories/59163 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59190 No Types Assigned http://secunia.com/advisories/59190 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59202 No Types Assigned http://secunia.com/advisories/59202 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59264 No Types Assigned http://secunia.com/advisories/59264 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59282 No Types Assigned http://secunia.com/advisories/59282 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59284 No Types Assigned http://secunia.com/advisories/59284 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59287 No Types Assigned http://secunia.com/advisories/59287 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59300 No Types Assigned http://secunia.com/advisories/59300 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59301 No Types Assigned http://secunia.com/advisories/59301 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59306 No Types Assigned http://secunia.com/advisories/59306 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59310 No Types Assigned http://secunia.com/advisories/59310 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59342 No Types Assigned http://secunia.com/advisories/59342 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59374 No Types Assigned http://secunia.com/advisories/59374 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59398 No Types Assigned http://secunia.com/advisories/59398 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59413 No Types Assigned http://secunia.com/advisories/59413 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59437 No Types Assigned http://secunia.com/advisories/59437 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59438 No Types Assigned http://secunia.com/advisories/59438 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59440 No Types Assigned http://secunia.com/advisories/59440 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59449 No Types Assigned http://secunia.com/advisories/59449 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59450 No Types Assigned http://secunia.com/advisories/59450 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59490 No Types Assigned http://secunia.com/advisories/59490 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59491 No Types Assigned http://secunia.com/advisories/59491 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59514 No Types Assigned http://secunia.com/advisories/59514 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59525 No Types Assigned http://secunia.com/advisories/59525 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59529 No Types Assigned http://secunia.com/advisories/59529 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59655 No Types Assigned http://secunia.com/advisories/59655 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59666 No Types Assigned http://secunia.com/advisories/59666 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59669 No Types Assigned http://secunia.com/advisories/59669 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59721 No Types Assigned http://secunia.com/advisories/59721 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59784 No Types Assigned http://secunia.com/advisories/59784 Not Applicable
    Changed Reference Type http://secunia.com/advisories/59990 No Types Assigned http://secunia.com/advisories/59990 Not Applicable
    Changed Reference Type http://secunia.com/advisories/60049 No Types Assigned http://secunia.com/advisories/60049 Not Applicable
    Changed Reference Type http://secunia.com/advisories/60066 No Types Assigned http://secunia.com/advisories/60066 Not Applicable
    Changed Reference Type http://secunia.com/advisories/60571 No Types Assigned http://secunia.com/advisories/60571 Not Applicable
    Changed Reference Type http://secunia.com/advisories/61254 No Types Assigned http://secunia.com/advisories/61254 Not Applicable
    Changed Reference Type http://security.gentoo.org/glsa/glsa-201407-05.xml No Types Assigned http://security.gentoo.org/glsa/glsa-201407-05.xml Third Party Advisory
    Changed Reference Type http://support.citrix.com/article/CTX140876 No Types Assigned http://support.citrix.com/article/CTX140876 Third Party Advisory
    Changed Reference Type http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html No Types Assigned http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html Third Party Advisory
    Changed Reference Type http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl No Types Assigned http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl Third Party Advisory
    Changed Reference Type http://www.blackberry.com/btsc/KB36051 No Types Assigned http://www.blackberry.com/btsc/KB36051 Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2014/dsa-2931 No Types Assigned http://www.debian.org/security/2014/dsa-2931 Third Party Advisory
    Changed Reference Type http://www.fortiguard.com/advisory/FG-IR-14-018/ No Types Assigned http://www.fortiguard.com/advisory/FG-IR-14-018/ Third Party Advisory
    Changed Reference Type http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm No Types Assigned http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm Third Party Advisory
    Changed Reference Type http://www.ibm.com/support/docview.wss?uid=swg21676356 No Types Assigned http://www.ibm.com/support/docview.wss?uid=swg21676356 Third Party Advisory
    Changed Reference Type http://www.ibm.com/support/docview.wss?uid=swg24037783 No Types Assigned http://www.ibm.com/support/docview.wss?uid=swg24037783 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2014:080 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2014:080 Broken Link
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 Broken Link
    Changed Reference Type http://www.openbsd.org/errata55.html#005_openssl No Types Assigned http://www.openbsd.org/errata55.html#005_openssl Third Party Advisory
    Changed Reference Type http://www.openssl.org/news/secadv_20140605.txt No Types Assigned http://www.openssl.org/news/secadv_20140605.txt Vendor Advisory
    Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html No Types Assigned http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch, Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html Third Party Advisory
    Changed Reference Type http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html No Types Assigned http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Third Party Advisory
    Changed Reference Type http://www.securityfocus.com/archive/1/534161/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/534161/100/0/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/bid/67193 No Types Assigned http://www.securityfocus.com/bid/67193 Third Party Advisory, VDB Entry
    Changed Reference Type http://www.vmware.com/security/advisories/VMSA-2014-0006.html No Types Assigned http://www.vmware.com/security/advisories/VMSA-2014-0006.html Third Party Advisory
    Changed Reference Type http://www.vmware.com/security/advisories/VMSA-2014-0012.html No Types Assigned http://www.vmware.com/security/advisories/VMSA-2014-0012.html Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21673137 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21673137 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676035 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676035 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676062 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676062 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676419 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676419 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676529 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676529 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676655 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676655 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676879 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676879 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21676889 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21676889 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21677527 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21677527 Broken Link
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21677695 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21677695 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21677828 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21677828 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21677836 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21677836 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21678167 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21678167 Third Party Advisory
    Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21683332 No Types Assigned http://www-01.ibm.com/support/docview.wss?uid=swg21683332 Third Party Advisory
    Changed Reference Type http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 No Types Assigned http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 Broken Link
    Changed Reference Type http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 No Types Assigned http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 Broken Link
    Changed Reference Type http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 No Types Assigned http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 Broken Link
    Changed Reference Type http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 No Types Assigned http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 Broken Link
    Changed Reference Type https://bugzilla.redhat.com/show_bug.cgi?id=1093837 No Types Assigned https://bugzilla.redhat.com/show_bug.cgi?id=1093837 Issue Tracking, Patch, Third Party Advisory
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf Third Party Advisory
    Changed Reference Type https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 No Types Assigned https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 Third Party Advisory
    Changed Reference Type https://kb.bluecoat.com/index?page=content&id=SA80 No Types Assigned https://kb.bluecoat.com/index?page=content&id=SA80 Broken Link
    Changed Reference Type https://kc.mcafee.com/corporate/index?page=content&id=SB10075 No Types Assigned https://kc.mcafee.com/corporate/index?page=content&id=SB10075 Broken Link
    Changed Reference Type https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 No Types Assigned https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 Broken Link
    Changed Reference Type https://www.novell.com/support/kb/doc.php?id=7015271 No Types Assigned https://www.novell.com/support/kb/doc.php?id=7015271 Third Party Advisory
    Removed CWE NIST NVD-CWE-Other
    Added CWE NIST CWE-476
    Changed CPE Configuration OR *cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:* OR *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.0.0 up to (including) 1.0.1g
    Added CPE Configuration OR *cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* versions from (including) 10.0.0 up to (excluding) 10.0.13
    Added CPE Configuration OR *cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:* *cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:* *cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* *cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:* *cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Feb. 10, 2020

    Action Type Old Value New Value
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 09, 2018

    Action Type Old Value New Value
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/534161/100/0/threaded [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 15, 2017

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 20, 2017

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 19, 2017

    Action Type Old Value New Value
    Removed Reference https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 07, 2017

    Action Type Old Value New Value
    Added Reference https://www.novell.com/support/kb/doc.php?id=7015271 [No Types Assigned]
    Added Reference https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 [No Types Assigned]
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 [No Types Assigned]
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 [No Types Assigned]
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 [No Types Assigned]
    Added Reference http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21683332 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21677836 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21676889 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21676879 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21676529 [No Types Assigned]
    Added Reference http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163 [No Types Assigned]
    Added Reference http://www.vmware.com/security/advisories/VMSA-2014-0006.html [No Types Assigned]
    Added Reference http://www.securityfocus.com/bid/67193 [No Types Assigned]
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2014:080 [No Types Assigned]
    Added Reference http://www.ibm.com/support/docview.wss?uid=swg24037783 [No Types Assigned]
    Added Reference http://www.ibm.com/support/docview.wss?uid=swg21676356 [No Types Assigned]
    Added Reference http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html [No Types Assigned]
    Added Reference http://support.citrix.com/article/CTX140876 [No Types Assigned]
    Added Reference http://security.gentoo.org/glsa/glsa-201407-05.xml [No Types Assigned]
    Added Reference http://secunia.com/advisories/61254 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59529 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59525 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59449 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59440 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59437 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59398 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59374 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59310 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59306 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59287 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59284 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59282 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59264 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59202 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59190 [No Types Assigned]
    Added Reference http://secunia.com/advisories/59163 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58977 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58945 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58714 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58713 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58667 [No Types Assigned]
    Added Reference http://secunia.com/advisories/58337 [No Types Assigned]
    Added Reference http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html [No Types Assigned]
    Added Reference http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html [No Types Assigned]
    Added Reference http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 [No Types Assigned]
    Added Reference http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 [No Types Assigned]
    Added Reference http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc [No Types Assigned]
    Added Reference http://advisories.mageia.org/MGASA-2014-0204.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 03, 2017

    Action Type Old Value New Value
    Added Reference http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 12, 2016

    Action Type Old Value New Value
    Added Reference https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946
  • CVE Modified by [email protected]

    Aug. 23, 2016

    Action Type Old Value New Value
    Added Reference http://marc.info/?l=bugtraq&m=140431828824371&w=2
    Added Reference http://marc.info/?l=bugtraq&m=141658880509699&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140448122410568&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140621259019789&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140544599631400&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140389274407904&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140904544427729&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140389355508263&w=2
    Added Reference http://marc.info/?l=bugtraq&m=140752315422991&w=2
  • Modified Analysis by [email protected]

    Jul. 08, 2016

    Action Type Old Value New Value
    Added Evaluator Description <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL Pointer Dereference</a>
    Removed CWE CWE-119
    Added CWE NVD-CWE-Other
  • CVE Modified by [email protected]

    Jun. 17, 2016

    Action Type Old Value New Value
    Removed Reference http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html
    Removed Reference http://seclists.org/fulldisclosure/2015/Apr/5
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded
  • CVE Modified by [email protected]

    Apr. 15, 2015

    Action Type Old Value New Value
    Added Reference http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded
    Added Reference http://seclists.org/fulldisclosure/2015/Apr/5
    Added Reference http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html
  • CVE Modified by [email protected]

    Apr. 01, 2015

    Action Type Old Value New Value
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
  • CVE Modified by [email protected]

    Jan. 22, 2015

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
  • CVE Modified by [email protected]

    Dec. 12, 2014

    Action Type Old Value New Value
    Added Reference http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded
    Added Reference http://www.vmware.com/security/advisories/VMSA-2014-0012.html
    Added Reference http://seclists.org/fulldisclosure/2014/Dec/23
  • Initial Analysis by [email protected]

    May. 06, 2014

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2014-0198 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2014-0198 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

4.09 }} -0.28%

score

0.92094

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability
: