Internet Bug Bounty: EVP_EncodeUpdate overflow (CVE-2016-2105)

https://github.com/openssl/openssl/commit/ee1e3cac2e83abc77bcc8ff98729ca1e10fcc920...

OpenSSL -- multiple vulnerabilities

OpenSSL reports: Padding oracle in AES-NI CBC MAC check EVPEncodeUpdate overflow EVPEncryptUpdate overflow ASN.1 BIO excessive memory allocation EBCDIC overread...

Vulnerability in OpenSSL - EVP_EncodeUpdate overflow

An overflow can occur in the EVPEncodeUpdate function which is used for Base64 encoding of binary data. If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption. Internally to OpenSSL the EVPEncodeUpdate function is primarly...

OpenSSL -- multiple vulnerabilities

OpenSSL reports: Memory corruption in the ASN.1 encoder Padding oracle in AES-NI CBC MAC check EVPEncodeUpdate overflow EVPEncryptUpdate overflow ASN.1 BIO excessive memory allocation EBCDIC overread OpenSSL only...

CVE-2016-2105

Integer overflow in the EVPEncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of binary data...