Vulnerability Details : CVE-2014-5139
The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.
Vulnerability category: Memory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-5139
4.96%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less