Lucene search

K
nvd[email protected]NVD:CVE-2012-2333
HistoryMay 14, 2012 - 10:55 p.m.

CVE-2012-2333

2012-05-1422:55:03
CWE-189
web.nvd.nist.gov
2

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

High

EPSS

0.047

Percentile

92.7%

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.

Affected configurations

NVD
Node
opensslopensslRange0.9.8w
OR
opensslopensslMatch0.9.1c
OR
opensslopensslMatch0.9.2b
OR
opensslopensslMatch0.9.3
OR
opensslopensslMatch0.9.3a
OR
opensslopensslMatch0.9.4
OR
opensslopensslMatch0.9.5
OR
opensslopensslMatch0.9.5beta1
OR
opensslopensslMatch0.9.5beta2
OR
opensslopensslMatch0.9.5a
OR
opensslopensslMatch0.9.5abeta1
OR
opensslopensslMatch0.9.5abeta2
OR
opensslopensslMatch0.9.6
OR
opensslopensslMatch0.9.6beta1
OR
opensslopensslMatch0.9.6beta2
OR
opensslopensslMatch0.9.6beta3
OR
opensslopensslMatch0.9.6a
OR
opensslopensslMatch0.9.6abeta1
OR
opensslopensslMatch0.9.6abeta2
OR
opensslopensslMatch0.9.6abeta3
OR
opensslopensslMatch0.9.6b
OR
opensslopensslMatch0.9.6c
OR
opensslopensslMatch0.9.6d
OR
opensslopensslMatch0.9.6e
OR
opensslopensslMatch0.9.6f
OR
opensslopensslMatch0.9.6g
OR
opensslopensslMatch0.9.6h
OR
opensslopensslMatch0.9.6i
OR
opensslopensslMatch0.9.6j
OR
opensslopensslMatch0.9.6k
OR
opensslopensslMatch0.9.6l
OR
opensslopensslMatch0.9.6m
OR
opensslopensslMatch0.9.7
OR
opensslopensslMatch0.9.7beta1
OR
opensslopensslMatch0.9.7beta2
OR
opensslopensslMatch0.9.7beta3
OR
opensslopensslMatch0.9.7beta4
OR
opensslopensslMatch0.9.7beta5
OR
opensslopensslMatch0.9.7beta6
OR
opensslopensslMatch0.9.7a
OR
opensslopensslMatch0.9.7b
OR
opensslopensslMatch0.9.7c
OR
opensslopensslMatch0.9.7d
OR
opensslopensslMatch0.9.7e
OR
opensslopensslMatch0.9.7f
OR
opensslopensslMatch0.9.7g
OR
opensslopensslMatch0.9.7h
OR
opensslopensslMatch0.9.7i
OR
opensslopensslMatch0.9.7j
OR
opensslopensslMatch0.9.7k
OR
opensslopensslMatch0.9.7l
OR
opensslopensslMatch0.9.7m
OR
opensslopensslMatch0.9.8
OR
opensslopensslMatch0.9.8a
OR
opensslopensslMatch0.9.8b
OR
opensslopensslMatch0.9.8c
OR
opensslopensslMatch0.9.8d
OR
opensslopensslMatch0.9.8e
OR
opensslopensslMatch0.9.8f
OR
opensslopensslMatch0.9.8g
OR
opensslopensslMatch0.9.8h
OR
opensslopensslMatch0.9.8i
OR
opensslopensslMatch0.9.8j
OR
opensslopensslMatch0.9.8k
OR
opensslopensslMatch0.9.8l
OR
opensslopensslMatch0.9.8m
OR
opensslopensslMatch0.9.8mbeta1
OR
opensslopensslMatch0.9.8n
OR
opensslopensslMatch0.9.8o
OR
opensslopensslMatch0.9.8p
OR
opensslopensslMatch0.9.8q
OR
opensslopensslMatch0.9.8r
OR
opensslopensslMatch0.9.8s
OR
opensslopensslMatch0.9.8t
OR
opensslopensslMatch0.9.8u
OR
opensslopensslMatch0.9.8v
OR
redhatopensslMatch0.9.6-15
OR
redhatopensslMatch0.9.6b-3
OR
redhatopensslMatch0.9.7a-2
Node
opensslopensslMatch1.0.0
OR
opensslopensslMatch1.0.0beta1
OR
opensslopensslMatch1.0.0beta2
OR
opensslopensslMatch1.0.0beta3
OR
opensslopensslMatch1.0.0beta4
OR
opensslopensslMatch1.0.0beta5
OR
opensslopensslMatch1.0.0a
OR
opensslopensslMatch1.0.0b
OR
opensslopensslMatch1.0.0c
OR
opensslopensslMatch1.0.0d
OR
opensslopensslMatch1.0.0e
OR
opensslopensslMatch1.0.0f
OR
opensslopensslMatch1.0.0g
OR
opensslopensslMatch1.0.0h
Node
opensslopensslMatch1.0.1
OR
opensslopensslMatch1.0.1beta1
OR
opensslopensslMatch1.0.1beta2
OR
opensslopensslMatch1.0.1beta3
OR
opensslopensslMatch1.0.1a
OR
opensslopensslMatch1.0.1b

References

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

8.9

Confidence

High

EPSS

0.047

Percentile

92.7%