Back to search
CVE-2015-0286
Published: Mar 19, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted X.509 certificate to an endpoint that uses the certificate-verification feature.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2015:0715
vendor-advisory
openSUSE-SU-2015:0554
vendor-advisory
DSA-3197
vendor-advisory
USN-2537-1
vendor-advisory
HPSBMU03409
vendor-advisory
FEDORA-2015-4303
vendor-advisory
APPLE-SA-2015-09-30-3
vendor-advisory
HPSBMU03380
vendor-advisory
FEDORA-2015-4300
vendor-advisory
APPLE-SA-2015-06-30-2
vendor-advisory
FEDORA-2015-6951
vendor-advisory
openSUSE-SU-2016:0640
vendor-advisory
1032917
vdb-entry
openSUSE-SU-2015:1277
vendor-advisory
HPSBUX03334
vendor-advisory
MDVSA-2015:063
vendor-advisory
SUSE-SU-2015:0541
vendor-advisory
RHSA-2015:0716
vendor-advisory
HPSBGN03306
vendor-advisory
SUSE-SU-2015:0578
vendor-advisory
FreeBSD-SA-15:06
vendor-advisory
HPSBMU03397
vendor-advisory
RHSA-2015:0752
vendor-advisory
RHSA-2016:2957
vendor-advisory
1031929
vdb-entry
SSRT102000
vendor-advisory
APPLE-SA-2015-09-16-1
vendor-advisory
MDVSA-2015:062
vendor-advisory
FEDORA-2015-4320
vendor-advisory
FEDORA-2015-6855
vendor-advisory
HPSBMU03413
vendor-advisory
73225
vdb-entry
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now