http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-...">Security update for openssl (important) - vulnerability database | Vulners.comhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-...">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-...">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-...">
Lucene search

K
suseSuseSUSE-SU-2012:0623-1
HistoryMay 16, 2012 - 9:08 p.m.

Security update for openssl (important)

2012-05-1621:08:16
lists.opensuse.org
16

0.1 Low

EPSS

Percentile

94.9%

This update of openssl fixes an integer conversation issue
which could cause a heap-based memory corruption
(CVE-2012-2110
<<a href=“http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110”>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110</a>
> ).

Additionally, a check for negative buffer length values was
added ( CVE-2012-2131
<<a href=“http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131”>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131</a>
> ) and the stack made non-executable by marking the
enhanced Intel SSSE3 assembler code as not needing
executable stack.