CVE-2012-2110 in OpenSSLinfo

Zusammenfassung (Englisch)

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.

Reservieren

04.04.2012

Veröffentlichung

19.04.2012

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
5260	OpenSSL ASN.1 asn1_d2i_read_bio Pufferüberlauf	119	Proof-of-Concept	Offizieller Fix	CVE-2012-2110

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Interested in the pricing of exploits?

See the underground prices here!