Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandled by the (1) BN_dec2bn or (2) BN_hex2bn function, related to crypto/bn/bn.h and crypto/bn/bn_print.c.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssl | Openssl | 1.0.1m | 1.0.1m |
Openssl | Openssl | 1.0.2a | 1.0.2a |
Openssl | Openssl | 1.0.1j | 1.0.1j |
Openssl | Openssl | 1.0.1 | 1.0.1 |
Openssl | Openssl | 1.0.1h | 1.0.1h |
Openssl | Openssl | 1.0.2e | 1.0.2e |
Openssl | Openssl | 1.0.1r | 1.0.1r |
Openssl | Openssl | 1.0.2b | 1.0.2b |
Openssl | Openssl | 1.0.1c | 1.0.1c |
Openssl | Openssl | 1.0.1g | 1.0.1g |
Openssl | Openssl | 1.0.1 | 1.0.1 |
Openssl | Openssl | 1.0.1a | 1.0.1a |
Openssl | Openssl | 1.0.1 | 1.0.1 |
Openssl | Openssl | 1.0.1d | 1.0.1d |
Openssl | Openssl | 1.0.2c | 1.0.2c |
Openssl | Openssl | 1.0.2 | 1.0.2 |
Openssl | Openssl | 1.0.1p | 1.0.1p |
Openssl | Openssl | 1.0.2 | 1.0.2 |
Openssl | Openssl | 1.0.1k | 1.0.1k |
Openssl | Openssl | 1.0.1b | 1.0.1b |
Openssl | Openssl | 1.0.1n | 1.0.1n |
Openssl | Openssl | 1.0.1q | 1.0.1q |
Openssl | Openssl | 1.0.1e | 1.0.1e |
Openssl | Openssl | 1.0.1l | 1.0.1l |
Openssl | Openssl | 1.0.1f | 1.0.1f |
Openssl | Openssl | 1.0.1o | 1.0.1o |
Openssl | Openssl | 1.0.2 | 1.0.2 |
Openssl | Openssl | 1.0.2f | 1.0.2f |
Openssl | Openssl | 1.0.1i | 1.0.1i |
Openssl | Openssl | 1.0.2 | 1.0.2 |
Openssl | Openssl | 1.0.1 | 1.0.1 |
Openssl | Openssl | 1.0.2d | 1.0.2d |