Lucene search

K
ubuntucveUbuntu.comUB:CVE-2006-7250
HistoryFeb 29, 2012 - 12:00 a.m.

CVE-2006-7250

2012-02-2900:00:00
ubuntu.com
ubuntu.com
10

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.143 Low

EPSS

Percentile

95.6%

The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and
earlier allows remote attackers to cause a denial of service (NULL pointer
dereference and application crash) via a crafted S/MIME message.

Bugs

Notes

Author Note
jdstrand note that 22144 was incorrect and 22243 fixes it and an additional issue Cryptographic Message Syntax was introduced in 0.9.8h
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchopenssl< 0.9.8k-7ubuntu8.10UNKNOWN
ubuntu11.04noarchopenssl< 0.9.8o-5ubuntu1.4UNKNOWN
ubuntu11.10noarchopenssl< 1.0.0e-2ubuntu4.4UNKNOWN
ubuntu11.10noarchopenssl098< 0.9.8o-7ubuntu1.2UNKNOWN

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.143 Low

EPSS

Percentile

95.6%