CircuiTree Security Advisory for CVE-2014-0160, aka the Heartbleed Vulnerability
A vulnerability has been recently disclosed in OpenSSL that could result in remote attackers being able to obtain sensitive data from the process address space of a vulnerable OpenSSL server or client.
The issue has been assigned the following CVE identifier and is also known as the Heartbleed vulnerability:
What CircuiTree is Doing
CircuiTree has finished analyzing the impact of this issue on current products. The following sections of this advisory provide current information on each product.
CircuiTree Desktop Application (app.mycircuitree.com or applist.mycircuitree.com): The TLS libraries used by the CircuiTree Desktop Application are not vulnerable to CVE-2014-0160.
Client Registration Sites (register.mycamp.com or mycircuitree.com/mycamp) : The TLS library used by Client registration sites are not vulnerable to CVE-2014-0160.
CircuiTree Web (app.circuitreesolutions.com): The TLS library used by CircuiTree Web is not vulnerable to CVE-2014-0160.
SalesLink: The TLS library used by SaleLink is not vulnerable to CVE-2014-0160.
CircuiTree Web Services (webservices.mycircuitree.com or api.mycircuitree.com): The TLS library used by CircuiTree Web Services is not vulnerable to CVE-2014-0160.