VDB

RHSA-2016%3A0490

RHSA-2016%3A0490 PUBLISHED CVSS 4.300000190734863 MEDIUM

A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled.

Risk Scores

CVSS 2.0
4.300000190734863

Affected Products

VendorProductVersions
Red HatRed Hat JBoss Enterprise Application Platform 6.4

Timeline

  • Mar 22, 2016 CVE Published
  • Jul 7, 2016 PoC Published
  • Apr 11, 2025 PoC Published
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
  • May 14, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›