CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
95.7%
The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before
0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of
service (NULL pointer dereference and application crash) via a crafted
S/MIME message, a different vulnerability than CVE-2006-7250.
Author | Note |
---|---|
jdstrand | patch assumes 22144 is also applied Cryptographic Message Syntax was added in 0.9.8h |