Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Heartbleed

CVE-2014-0160

Heartbleed is a vulnerability in the OpenSSL library of Google Android that theoretically enables cybercriminals to get access to the information protected by the SSL/TLS encryption methods.

Dr.Web anti-virus for Android detects and removes malicious programs that use the Heartbleed vulnerability just after the beginning of the installation process. Thus, Dr.Web users are effectively protected from such Trojans.

Technical details

The Heartbleed vulnerability (CVE-2014-0160) is caused by the error in the system library /system/lib/libssl.so. This vulnerability exists on Google Android devices that use the following versions of this library: 1.0.1a, 1.0.1b, 1.0.1c, 1.0.1d, 1.0.1e, 1.0.1f, 1.0.2-beta1.

Technical implementation of this vulnerability is based on the OpenSSL library’s incorrect processing of the Heartbeat packages. Due to this, the application attacking the system can use specifically formed requests to get access to 64 KB memory of the system process with which the encrypted secure connection is established. Memory leak occurs because of the absence of buffer overflow check in heartbeat TLS extension’s implementation (RFC 6520). As a result, by modifying the request, cybercriminals can successively read the process’s memory contents. In this memory sector, passwords, session IDs, or private keys can be stored. Cybercriminals can extract these data and use it for their future attacks.

See also information about other vulnerabilities

© Doctor Web
2003 — 2022

Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies