CVE Vulnerabilities

CVE-2012-2333

Published: May 14, 2012 | Modified: Jan 05, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
5 MODERATE
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.

Affected Software

Name Vendor Start Version End Version
Openssl Openssl 0.9.1c 0.9.1c
Openssl Openssl 0.9.2b 0.9.2b
Openssl Openssl 0.9.3 0.9.3
Openssl Openssl 0.9.3a 0.9.3a
Openssl Openssl 0.9.4 0.9.4
Openssl Openssl 0.9.5 0.9.5
Openssl Openssl 0.9.5 0.9.5
Openssl Openssl 0.9.5 0.9.5
Openssl Openssl 0.9.5a 0.9.5a
Openssl Openssl 0.9.5a 0.9.5a
Openssl Openssl 0.9.5a 0.9.5a
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.6b 0.9.6b
Openssl Openssl 0.9.6c 0.9.6c
Openssl Openssl 0.9.6d 0.9.6d
Openssl Openssl 0.9.6e 0.9.6e
Openssl Openssl 0.9.6f 0.9.6f
Openssl Openssl 0.9.6g 0.9.6g
Openssl Openssl 0.9.6h 0.9.6h
Openssl Openssl 0.9.6i 0.9.6i
Openssl Openssl 0.9.6j 0.9.6j
Openssl Openssl 0.9.6k 0.9.6k
Openssl Openssl 0.9.6l 0.9.6l
Openssl Openssl 0.9.6m 0.9.6m
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7a 0.9.7a
Openssl Openssl 0.9.7b 0.9.7b
Openssl Openssl 0.9.7c 0.9.7c
Openssl Openssl 0.9.7d 0.9.7d
Openssl Openssl 0.9.7e 0.9.7e
Openssl Openssl 0.9.7f 0.9.7f
Openssl Openssl 0.9.7g 0.9.7g
Openssl Openssl 0.9.7h 0.9.7h
Openssl Openssl 0.9.7i 0.9.7i
Openssl Openssl 0.9.7j 0.9.7j
Openssl Openssl 0.9.7k 0.9.7k
Openssl Openssl 0.9.7l 0.9.7l
Openssl Openssl 0.9.7m 0.9.7m
Openssl Openssl 0.9.8 0.9.8
Openssl Openssl 0.9.8a 0.9.8a
Openssl Openssl 0.9.8b 0.9.8b
Openssl Openssl 0.9.8c 0.9.8c
Openssl Openssl 0.9.8d 0.9.8d
Openssl Openssl 0.9.8e 0.9.8e
Openssl Openssl 0.9.8f 0.9.8f
Openssl Openssl 0.9.8g 0.9.8g
Openssl Openssl 0.9.8h 0.9.8h
Openssl Openssl 0.9.8i 0.9.8i
Openssl Openssl 0.9.8j 0.9.8j
Openssl Openssl 0.9.8k 0.9.8k
Openssl Openssl 0.9.8l 0.9.8l
Openssl Openssl 0.9.8m 0.9.8m
Openssl Openssl 0.9.8m 0.9.8m
Openssl Openssl 0.9.8n 0.9.8n
Openssl Openssl 0.9.8o 0.9.8o
Openssl Openssl 0.9.8p 0.9.8p
Openssl Openssl 0.9.8q 0.9.8q
Openssl Openssl 0.9.8r 0.9.8r
Openssl Openssl 0.9.8s 0.9.8s
Openssl Openssl 0.9.8t 0.9.8t
Openssl Openssl 0.9.8u 0.9.8u
Openssl Openssl 0.9.8v 0.9.8v
Openssl Openssl * 0.9.8w
Openssl Redhat 0.9.6-15 0.9.6-15
Openssl Redhat 0.9.6b-3 0.9.6b-3
Openssl Redhat 0.9.7a-2 0.9.7a-2
Red Hat Enterprise Linux 5 RedHat openssl-0:0.9.8e-22.el5_8.4 *
Red Hat Enterprise Linux 6 RedHat openssl-0:1.0.0-20.el6_2.5 *
Red Hat JBoss Enterprise Application Platform 5.1 RedHat *
Red Hat JBoss Enterprise Application Platform 6.0 RedHat *
Red Hat JBoss Web Server 1.0 RedHat *
Openssl Ubuntu devel *
Openssl Ubuntu hardy *
Openssl Ubuntu lucid *
Openssl Ubuntu natty *
Openssl Ubuntu oneiric *
Openssl Ubuntu precise *
Openssl Ubuntu quantal *
Openssl Ubuntu raring *
Openssl Ubuntu saucy *
Openssl Ubuntu trusty *
Openssl Ubuntu trusty/esm *
Openssl Ubuntu upstream *
Openssl098 Ubuntu devel *
Openssl098 Ubuntu oneiric *
Openssl098 Ubuntu precise *
Openssl098 Ubuntu quantal *
Openssl098 Ubuntu raring *
Openssl098 Ubuntu saucy *
Openssl098 Ubuntu trusty *

References