8.5 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.053 Low
EPSS
Percentile
92.9%
Ivan Nestlerode discovered that the Cryptographic Message Syntax
(CMS) and PKCS #7 implementations in OpenSSL returned early if RSA
decryption failed. This could allow an attacker to expose sensitive
information via a Million Message Attack (MMA). (CVE-2012-0884)
It was discovered that an integer underflow was possible when using
TLS 1.1, TLS 1.2, or DTLS with CBC encryption. This could allow a
remote attacker to cause a denial of service. (CVE-2012-2333)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | libssl0.9.8 | <ย 0.9.8g-4ubuntu3.19 | UNKNOWN |
Ubuntu | 8.04 | noarch | libcrypto0.9.8-udeb | <ย 0.9.8g-4ubuntu3.19 | UNKNOWN |
Ubuntu | 8.04 | noarch | libssl-dev | <ย 0.9.8g-4ubuntu3.19 | UNKNOWN |
Ubuntu | 8.04 | noarch | libssl0.9.8-dbg | <ย 0.9.8g-4ubuntu3.19 | UNKNOWN |
Ubuntu | 8.04 | noarch | openssl | <ย 0.9.8g-4ubuntu3.19 | UNKNOWN |
Ubuntu | 12.04 | noarch | libssl1.0.0 | <ย 1.0.1-4ubuntu5.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libcrypto1.0.0-udeb | <ย 1.0.1-4ubuntu5.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libssl-dev | <ย 1.0.1-4ubuntu5.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libssl1.0.0-dbg | <ย 1.0.1-4ubuntu5.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | libssl1.0.0-udeb | <ย 1.0.1-4ubuntu5.2 | UNKNOWN |