Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-1165
HistoryMar 15, 2012 - 12:00 a.m.

CVE-2012-1165

2012-03-1500:00:00
ubuntu.com
ubuntu.com
17

0.114 Low

EPSS

Percentile

95.2%

The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before
0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of
service (NULL pointer dereference and application crash) via a crafted
S/MIME message, a different vulnerability than CVE-2006-7250.

Bugs

Notes

Author Note
jdstrand patch assumes 22144 is also applied Cryptographic Message Syntax was added in 0.9.8h
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchopenssl< 0.9.8k-7ubuntu8.10UNKNOWN
ubuntu11.04noarchopenssl< 0.9.8o-5ubuntu1.4UNKNOWN
ubuntu11.10noarchopenssl< 1.0.0e-2ubuntu4.4UNKNOWN
ubuntu11.10noarchopenssl098< 0.9.8o-7ubuntu1.2UNKNOWN