Oval Definition:	oval:org.mitre.oval:def:20422
Revision Date: 2014-01-20 Version: 6 Title: Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX Description: Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2010-3864 Platform(s): VMWare ESX Server 4.0 VMWare ESX Server 4.1 Product(s): Definition Synopsis Patch ESX410-201101201-SG is not installed VMware ESX Server 4.1 is installed AND Patch ESX410-201101201-SG is not installed OR Patch ESX400-201103401-SG is not installed VMware ESX Server 4.0 is installed AND Patch ESX400-201103401-SG is not installed
BACK