CVE-2016-2180 in OpenSSLinfo

Summary

The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the "openssl ts" command.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

01/29/2016

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
91903	OpenSSL TS_OBJ_print_bio memory corruption	119	Not defined	Official fix	CVE-2016-2180
90396	OpenSSL ts_lib.c TS_OBJ_print_bio out-of-bounds	125	Not defined	Official fix	CVE-2016-2180

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!