openssl: asn1_d2i_read_bio integer errors leading to buffer overflow

🗓️ 24 Sep 2012 15:52:00Reported by RedHatType

OpenSSL integer parsing flaw in asn1_d2i_read_bio allows buffer overflow via crafted DER data in certificates or keys.

Reporter	Title	Published	Views	Family All 245
0day.today	OpenSSL ASN1 BIO Memory Corruption Vulnerability	19 Apr 201200:00	–	zdt
0day.today	OpenSSL 1.0.1 Memory Corruption	21 Apr 201200:00	–	zdt
0day.today	OpenSSL 1.0.1 ASN1 BIO Vulnerability	21 Apr 201200:00	–	zdt
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Express for UNIX is affected by multiple vulnerabilities in OpenSSL	24 Jul 202022:49	–	ibm
IBM Security Bulletins	Security Bulletin: Tivoli Management Framework affected by vulnerabilities in OpenSSL versions prior to 1.0.0	25 Sep 202223:13	–	ibm
IBM Security Bulletins	Security Bulletin: SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities	26 Sep 202204:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Enterprise for UNIX is affected by multiple vulnerabilities in OpenSSL	25 Sep 202220:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Smart Analytics System 7600, 7700, and 7710 are affected by vulnerabilities in OpenSSL	25 Sep 202220:45	–	ibm
IBM Security Bulletins	Security Bulletin: Storage HMC OpenSSL upgrade to address cryptographic vulnerabilities.	18 Jun 201800:07	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are affected by multiple vulnerabilities in OpenSSL	25 Sep 202223:13	–	ibm

Vulners

Node

AND

Source	Link
openssl	www.openssl.org/news/secadv_20120419.txt
access	www.access.redhat.com/security/cve/CVE-2012-2110
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2012-2110
cve	www.cve.org/CVERecord

14 May 2026 22:16Current

7.2High risk

Vulners AI Score7.2

CVSS 27.5

EPSS0.08744