What is CVE-2002-0656?

CVE-2002-0656 is a vulnerability in N/a. Published 2002-07-31.

Is CVE-2002-0656 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2002-0656

Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.

EPSS: 0.891 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

5363 (vdb-entry, x_refsource_BID)
5362 (vdb-entry, x_refsource_BID)
VU#102795 (x_refsource_CERT-VN, third-party-advisory)
MDKSA-2002:046 (vendor-advisory, x_refsource_MANDRAKE)
VU#258555 (x_refsource_CERT-VN, third-party-advisory)
openssl-ssl2-masterkey-bo(9714) (vdb-entry, x_refsource_XF)
CA-2002-23 (x_refsource_CERT, third-party-advisory)
CLA-2002:513 (vendor-advisory, x_refsource_CONECTIVA)
openssl-ssl3-sessionid-bo(9716) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2002-0656?: CVE-2002-0656 is a vulnerability in N/a. Published 2002-07-31.
Is CVE-2002-0656 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.