QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2012-2131

Back to search

CVE-2012-2131

Published: Apr 24, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.

VendorProductVersions

n/a

n/a

affected
n/a

References

SUSE-SU-2012:0623
vendor-advisory
x_refsource_SUSE
SUSE-SU-2012:1149
vendor-advisory
x_refsource_SUSE
MDVSA-2012:064
vendor-advisory
x_refsource_MANDRIVA
USN-1428-1
vendor-advisory
x_refsource_UBUNTU
DSA-2454
vendor-advisory
x_refsource_DEBIAN
APPLE-SA-2013-06-04-1
vendor-advisory
x_refsource_APPLE
48895
third-party-advisory
x_refsource_SECUNIA
openssl-asn1-code-execution(75099)
vdb-entry
x_refsource_XF
48956
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2012:0637
vendor-advisory
x_refsource_SUSE
HPSBOV02793
vendor-advisory
x_refsource_HP
57353
third-party-advisory
x_refsource_SECUNIA
HPSBUX02782
vendor-advisory
x_refsource_HP
SSRT100891
vendor-advisory
x_refsource_HP
1026957
vdb-entry
x_refsource_SECTRACK
53212
vdb-entry
x_refsource_BID
SSRT100844
vendor-advisory
x_refsource_HP

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2012-2131 - Security Vulnerability | QwikSec