QwikSec

Security Database

CVE

CWE

Training

CVE-2012-0884

Published: Mar 13, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2012-4630

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564

x_refsource_CONFIRM

FEDORA-2012-18035

vendor-advisory

x_refsource_FEDORA

https://downloads.avaya.com/css/P8/documents/100162507

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2012:0547

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

http://www.openssl.org/news/secadv_20120312.txt

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_DEBIAN

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_CERT-VN

vendor-advisory

x_refsource_REDHAT

FEDORA-2012-4665

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_HP

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_HP

FEDORA-2012-4659

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_HP

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.