K32460441: OpenSSL vulnerabilities CVE-2016-7053 and CVE-2016-7054

Security Advisory Description CVE-2016-7053 In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the...

SUSE CVE-2016-7053

In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to...

Security Bulletin: Open Source OpenSSL Vulnerabilities affect IBM Network Advisor

Summary Open Source OpenSSL Vulnerabilities affect IBM Network Advisor CVE-2016-7053, CVE-2016-7054, CVE-2016-7055 Vulnerability Details CVEID: CVE-2016-7053 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference when processing invalid encodings in the...

H3C / HPE Intelligent Management Center PLAT < 7.3 E0504P04 Multiple Vulnerabilities

The version of HPE Intelligent Management Center iMC PLAT installed on the Windows host is prior to 7.3 E0504P04. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists that allows an unauthenticated, remote attacker to execute arbitrary code. CVE-2017-5815 - A...

CVE-2016-7053

In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to...

CVE-2016-7053 CMS Null dereference

In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to...

CVE-2016-7053

CVE-2016-7053 concerns OpenSSL 1.1.0 up to but not including 1.1.0c, where parsing invalid CMS structures can crash with a NULL pointer dereference due to a bug in the ASN.1 CHOICE handling. The issue occurs when a CHOICE structure uses a callback that does not handle NULL values, potentially pas...

SA135 : OpenSSL Vulnerabilities 10-Nov-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain SSL/TLS session key information. AFFECTED PRODUCTS The following products are vulnerable: Director -...

SOL32460441 - OpenSSL vulnerabilities CVE-2016-7053 and CVE-2016-7054

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...