5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
80.3%
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and
CMS data. A remote attacker could use this flaw to cause an application
that parses PKCS#7 or CMS data from untrusted sources to use an excessive
amount of memory and possibly crash. (CVE-2015-3195)
All openssl users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all services linked to the OpenSSL library must be restarted, or
the system rebooted.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | x86_64 | openssl-perl | < 0.9.8e-37.el5_11 | openssl-perl-0.9.8e-37.el5_11.x86_64.rpm |
RedHat | 5 | i386 | openssl | < 0.9.8e-37.el5_11 | openssl-0.9.8e-37.el5_11.i386.rpm |
RedHat | 5 | s390 | openssl | < 0.9.8e-37.el5_11 | openssl-0.9.8e-37.el5_11.s390.rpm |
RedHat | 5 | ppc | openssl | < 0.9.8e-37.el5_11 | openssl-0.9.8e-37.el5_11.ppc.rpm |
RedHat | 5 | s390x | openssl-perl | < 0.9.8e-37.el5_11 | openssl-perl-0.9.8e-37.el5_11.s390x.rpm |
RedHat | 5 | ppc64 | openssl | < 0.9.8e-37.el5_11 | openssl-0.9.8e-37.el5_11.ppc64.rpm |
RedHat | 5 | ppc64 | openssl-devel | < 0.9.8e-37.el5_11 | openssl-devel-0.9.8e-37.el5_11.ppc64.rpm |
RedHat | 5 | ppc | openssl-debuginfo | < 0.9.8e-37.el5_11 | openssl-debuginfo-0.9.8e-37.el5_11.ppc.rpm |
RedHat | 5 | i386 | openssl-debuginfo | < 0.9.8e-37.el5_11 | openssl-debuginfo-0.9.8e-37.el5_11.i386.rpm |
RedHat | 5 | x86_64 | openssl | < 0.9.8e-37.el5_11 | openssl-0.9.8e-37.el5_11.x86_64.rpm |
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
80.3%