CVE Vulnerabilities

CVE-2012-0884

Published: Mar 13, 2012 | Modified: Jan 10, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
2.6 LOW
AV:N/AC:H/Au:N/C:P/I:N/A:N
RedHat/V3
Ubuntu

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.

Affected Software

Name Vendor Start Version End Version
Openssl Openssl 0.9.0b 0.9.0b
Openssl Openssl 0.9.1b 0.9.1b
Openssl Openssl 0.9.1c 0.9.1c
Openssl Openssl 0.9.2b 0.9.2b
Openssl Openssl 0.9.3 0.9.3
Openssl Openssl 0.9.3a 0.9.3a
Openssl Openssl 0.9.4 0.9.4
Openssl Openssl 0.9.5 0.9.5
Openssl Openssl 0.9.5a 0.9.5a
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.6b 0.9.6b
Openssl Openssl 0.9.6c 0.9.6c
Openssl Openssl 0.9.6d 0.9.6d
Openssl Openssl 0.9.6e 0.9.6e
Openssl Openssl 0.9.6f 0.9.6f
Openssl Openssl 0.9.6g 0.9.6g
Openssl Openssl 0.9.6h 0.9.6h
Openssl Openssl 0.9.6i 0.9.6i
Openssl Openssl 0.9.6j 0.9.6j
Openssl Openssl 0.9.6k 0.9.6k
Openssl Openssl 0.9.6l 0.9.6l
Openssl Openssl 0.9.6m 0.9.6m
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7a 0.9.7a
Openssl Openssl 0.9.7b 0.9.7b
Openssl Openssl 0.9.7c 0.9.7c
Openssl Openssl 0.9.7d 0.9.7d
Openssl Openssl 0.9.7e 0.9.7e
Openssl Openssl 0.9.7f 0.9.7f
Openssl Openssl 0.9.7g 0.9.7g
Openssl Openssl 0.9.7h 0.9.7h
Openssl Openssl 0.9.7i 0.9.7i
Openssl Openssl 0.9.7j 0.9.7j
Openssl Openssl 0.9.7k 0.9.7k
Openssl Openssl 0.9.7l 0.9.7l
Openssl Openssl 0.9.7m 0.9.7m
Openssl Openssl 0.9.8 0.9.8
Openssl Openssl 0.9.8a 0.9.8a
Openssl Openssl 0.9.8b 0.9.8b
Openssl Openssl 0.9.8c 0.9.8c
Openssl Openssl 0.9.8d 0.9.8d
Openssl Openssl 0.9.8e 0.9.8e
Openssl Openssl 0.9.8f 0.9.8f
Openssl Openssl 0.9.8g 0.9.8g
Openssl Openssl 0.9.8h 0.9.8h
Openssl Openssl 0.9.8i 0.9.8i
Openssl Openssl 0.9.8j 0.9.8j
Openssl Openssl 0.9.8k 0.9.8k
Openssl Openssl 0.9.8l 0.9.8l
Openssl Openssl 0.9.8m 0.9.8m
Openssl Openssl 0.9.8n 0.9.8n
Openssl Openssl 0.9.8o 0.9.8o
Openssl Openssl 0.9.8p 0.9.8p
Openssl Openssl 0.9.8q 0.9.8q
Openssl Openssl 0.9.8r 0.9.8r
Openssl Openssl 0.9.8s 0.9.8s
Openssl Openssl * 0.9.8t
Openssl Openssl 1.0.0 1.0.0
Openssl Openssl 1.0.0a 1.0.0a
Openssl Openssl 1.0.0b 1.0.0b
Openssl Openssl 1.0.0c 1.0.0c
Openssl Openssl 1.0.0d 1.0.0d
Openssl Openssl 1.0.0e 1.0.0e
Openssl Openssl 1.0.0f 1.0.0f
Openssl Openssl 1.0.0g 1.0.0g
Red Hat Enterprise Linux 5 RedHat openssl-0:0.9.8e-22.el5_8.1 *
Red Hat Enterprise Linux 6 RedHat openssl-0:1.0.0-20.el6_2.3 *
Red Hat JBoss Enterprise Application Platform 5.1 RedHat *
Red Hat JBoss Enterprise Application Platform 6.0 RedHat *
Red Hat JBoss Web Server 1.0 RedHat *
Openssl Ubuntu hardy *
Openssl Ubuntu lucid *
Openssl Ubuntu maverick *
Openssl Ubuntu natty *
Openssl Ubuntu oneiric *
Openssl Ubuntu upstream *
Openssl098 Ubuntu devel *
Openssl098 Ubuntu oneiric *
Openssl098 Ubuntu precise *
Openssl098 Ubuntu quantal *
Openssl098 Ubuntu raring *
Openssl098 Ubuntu saucy *
Openssl098 Ubuntu trusty *

References