Back to search
CVE-2015-0287
Published: Mar 19, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2015:0715
vendor-advisory
openSUSE-SU-2015:0554
vendor-advisory
DSA-3197
vendor-advisory
USN-2537-1
vendor-advisory
HPSBMU03409
vendor-advisory
FEDORA-2015-4303
vendor-advisory
73227
vdb-entry
APPLE-SA-2015-09-30-3
vendor-advisory
HPSBMU03380
vendor-advisory
FEDORA-2015-4300
vendor-advisory
APPLE-SA-2015-06-30-2
vendor-advisory
FEDORA-2015-6951
vendor-advisory
openSUSE-SU-2016:0640
vendor-advisory
openSUSE-SU-2015:1277
vendor-advisory
HPSBUX03334
vendor-advisory
MDVSA-2015:063
vendor-advisory
SUSE-SU-2015:0541
vendor-advisory
RHSA-2015:0716
vendor-advisory
HPSBGN03306
vendor-advisory
SUSE-SU-2015:0578
vendor-advisory
FreeBSD-SA-15:06
vendor-advisory
HPSBMU03397
vendor-advisory
RHSA-2015:0752
vendor-advisory
RHSA-2015:0800
vendor-advisory
1031929
vdb-entry
SSRT102000
vendor-advisory
APPLE-SA-2015-09-16-1
vendor-advisory
MDVSA-2015:062
vendor-advisory
FEDORA-2015-4320
vendor-advisory
SUSE-SU-2016:0678
vendor-advisory
FEDORA-2015-6855
vendor-advisory
GLSA-201503-11
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now