CVE-2015-0292 in OpenSSLinformación

Resumen (Inglés)

Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservar

2014-11-18

Divulgación

2015-03-19

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
74050	OpenSSL Base64 Decoder desbordamiento de búfer	119	No probado	Arreglo oficial	CVE-2015-0292

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!