Search for vulnerabilities
Vulnerability details: VCID-znv5-gafq-aaad
Vulnerability ID VCID-znv5-gafq-aaad
Aliases CVE-2010-0740
VC-OPENSSL-20100324-CVE-2010-0740
Summary In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
generic_textual MODERATE http://marc.info/?l=bugtraq&m=127128920008563&w=2
epss 0.16009 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.16009 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.16009 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.16009 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.16009 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.16009 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.21912 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.33175 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.87002 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.87002 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.87002 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.87002 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95198 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95198 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95198 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95198 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95198 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95198 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95198 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95381 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
epss 0.95591 https://api.first.org/data/v1/epss?cve=CVE-2010-0740
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=576584
generic_textual MODERATE https://kb.bluecoat.com/index?page=content&id=SA50
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2010-0740
generic_textual MODERATE http://www.mandriva.com/security/advisories?name=MDVSA-2010:076
generic_textual MODERATE http://www.vmware.com/security/advisories/VMSA-2011-0003.html
generic_textual MODERATE http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
Reference id Reference type URL
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html
http://marc.info/?l=bugtraq&m=127128920008563&w=2
http://marc.info/?l=bugtraq&m=127557640302499&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0740.json
https://api.first.org/data/v1/epss?cve=CVE-2010-0740
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740
http://secunia.com/advisories/39932
http://secunia.com/advisories/42724
http://secunia.com/advisories/42733
http://secunia.com/advisories/43311
https://kb.bluecoat.com/index?page=content&id=SA50
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11731
http://support.apple.com/kb/HT4723
https://www.openssl.org/news/secadv/20100324.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2010:076
http://www.openssl.org/news/secadv_20100324.txt
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.securitytracker.com/id?1023748
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
http://www.vupen.com/english/advisories/2010/0710
http://www.vupen.com/english/advisories/2010/0839
http://www.vupen.com/english/advisories/2010/0933
http://www.vupen.com/english/advisories/2010/1216
575607 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575607
576584 https://bugzilla.redhat.com/show_bug.cgi?id=576584
cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
CVE-2010-0740 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/12334.c
CVE-2010-0740 https://nvd.nist.gov/vuln/detail/CVE-2010-0740
GLSA-201110-01 https://security.gentoo.org/glsa/201110-01
Data source Exploit-DB
Date added April 21, 2010
Description OpenSSL - Remote Denial of Service
Ransomware campaign use Known
Source publication date April 22, 2010
Exploit type dos
Platform linux
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2010-0740
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.94221
EPSS Score 0.16009
Published At April 5, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.