Back to search
CVE-2012-2333
Published: May 14, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
53476
vdb-entry
x_refsource_BID
49116
third-party-advisory
x_refsource_SECUNIA
SSRT100930
vendor-advisory
x_refsource_HP
FEDORA-2012-18035
vendor-advisory
x_refsource_FEDORA
51312
third-party-advisory
x_refsource_SECUNIA
RHSA-2012:1308
vendor-advisory
x_refsource_REDHAT
http://cvs.openssl.org/chngview?cn=22538
x_refsource_CONFIRM
RHSA-2012:1307
vendor-advisory
x_refsource_REDHAT
SSRT101108
vendor-advisory
x_refsource_HP
http://support.apple.com/kb/HT5784
x_refsource_CONFIRM
APPLE-SA-2013-06-04-1
vendor-advisory
x_refsource_APPLE
49208
third-party-advisory
x_refsource_SECUNIA
VU#737740
third-party-advisory
x_refsource_CERT-VN
SUSE-SU-2012:0679
vendor-advisory
x_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=820686
x_refsource_CONFIRM
http://cvs.openssl.org/chngview?cn=22547
x_refsource_CONFIRM
RHSA-2012:1306
vendor-advisory
x_refsource_REDHAT
50768
third-party-advisory
x_refsource_SECUNIA
49324
third-party-advisory
x_refsource_SECUNIA
openssl-tls-record-dos(75525)
vdb-entry
x_refsource_XF
HPSBOV02852
vendor-advisory
x_refsource_HP
SUSE-SU-2012:0678
vendor-advisory
x_refsource_SUSE
http://www.openssl.org/news/secadv_20120510.txt
x_refsource_CONFIRM
1027057
vdb-entry
x_refsource_SECTRACK
FEDORA-2012-7939
vendor-advisory
x_refsource_FEDORA
http://www.cert.fi/en/reports/2012/vulnerability641549.html
x_refsource_MISC
HPSBUX02814
vendor-advisory
x_refsource_HP
DSA-2475
vendor-advisory
x_refsource_DEBIAN
MDVSA-2012:073
vendor-advisory
x_refsource_MANDRIVA
RHSA-2012:0699
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now