CVE-2016-7052
https://notcve.org/view.php?id=CVE-2016-7052
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation. crypto/x509/x509_vfy.c en OpenSSL 1.0.2i permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída de aplicación) desencadenando una operación CRL. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html http://www-01.ibm.com/support/docview.wss?uid=swg21995039 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www • CWE-476: NULL Pointer Dereference •
CVE-2016-6306 – openssl: certificate message OOB reads
https://notcve.org/view.php?id=CVE-2016-6306
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. El analizador certificado en OpenSSL en versiones anteriores a 1.0.1u y 1.0.2 en versiones anteriores a 1.0.2i podría permitir a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) a través de operaciones certificadas manipuladas, relacionado con s3_clnt.c y s3_srvr.c. Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.h • CWE-125: Out-of-bounds Read •
CVE-2016-6304 – openssl: OCSP Status Request extension unbounded memory growth
https://notcve.org/view.php?id=CVE-2016-6304
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions. Múltiples fugas de memoria en t1_lib.c en OpenSSL en versiones anteriores a 1.0.1u, 1.0.2 en versiones anteriores a 1.0.2i y 1.1.0 en versiones anteriores a 1.1.0a permiten a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de grandes extensiones OCSP Status Request A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. Double-free and invalid-free vulnerabilities in x509 parsing were found in the latest OpenSSL (1.1.0b). • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.h • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2016-5172 – chromium-browser: arbitrary memory read in v8
https://notcve.org/view.php?id=CVE-2016-5172
The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code. El analizador en Google V8, como se usa en Google Chrome en versiones anteriores a 53.0.2785.113, no maneja correctamente alcances, lo que permite a atacantes remotos obtener información sensible desde localizaciones de memoria arbitrarias a través de un código JavaScript manipulado. • http://rhn.redhat.com/errata/RHSA-2016-1905.html http://www.debian.org/security/2016/dsa-3667 http://www.securityfocus.com/bid/92942 http://www.securitytracker.com/id/1036826 https://codereview.chromium.org/2077283004 https://crbug.com/616386 https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html https://security.gentoo.org/glsa/201610-09 https://access.redhat.com/security/cve/CVE-2016-5172 https://bugzilla.redhat.com/show_bug.cgi?id=13758 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-6303
https://notcve.org/view.php?id=CVE-2016-6303
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. Desbordamiento de entero en la función MDC2_Update en crypto/mdc2/mdc2dgst.c en OpenSSL en versiones anteriores a 1.1.0 permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites y caída de aplicación) o tener otro posible impacto no especificado a través de vectores desconocidos. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://www-01.ibm.com/support/docview.wss?uid=swg21995039 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www. • CWE-787: Out-of-bounds Write •