9 matches found
The vulnerability of the asn1_d2i_read_bio function (crypto/asn1/a_d2i_fp.c) in the OpenSSL library allows a attacker to cause a service failure.
The vulnerability of the asn1d2ireadbio function crypto/asn1/ad2ifp.c in the OpenSSL library is related to resource management errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Denial Of Service (DoS) Through Memory Consumption And Buffer Overflow
OpenSSL is vulnerable to denial of service DoS attacks and possible other attacks. These attacks are possible because the asn1d2ireadbio function doesn't correctly interpret integer data which can be leveraged to do buffer overflow attacks or cause memory consumption...
CVE-2016-2109
CVE-2016-2109 is a denial-of-service in OpenSSL: memory exhaustion caused by a short, invalid ASN.1 encoding read via BIO in the asn1_d2i_read_bio path. Affected are OpenSSL builds before 1.0.1t and 1.0.2 before 1.0.2h. Remediation is to upgrade to OpenSSL 1.0.1t or 1.0.2h (or later). This is sup...
CVE-2016-2109
The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in the ASN.1 BIO implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service memory consumption via a short invalid encoding...
Oracle: Security Advisory (ELSA-2014-0626)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openssl security update
openssl: 1.0.0-20.4 - fix for CVE-2012-2110 - memory corruption in asn1d2ireadbio 814185 openssl098e: 0.9.8e-17.el62.2 - Updated the description 0.9.8e-17.2 - fix for CVE-2012-2110 - memory corruption in asn1d2ireadbio 814185...
OpenSSL memory corruption
Memory corruption in asn1d2ireadbio/SMIMEreadPKCS7/SMIMEreadCMS...
Buffer overflow
The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory corruption or possibly have...
CVE-2012-2110
The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory corruption or possibly have...