// For flags

CVE-2012-1165

openssl: mime_param_cmp NULL dereference crash

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250.

La función mime_param_cmp en crypto/asn1/asn_mime.c en OpenSSL anteriores v0.9.8u y v1.x v1.0.0h permite atacantes remotos provocar una denegación de servicio (desreferenciación de punterio NULL y caída de aplicación) a través de mensaje S/MIME manipulado, es una vulnerabilidad distinta a CVE-2006-7250.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-02-14 CVE Reserved
  • 2012-03-15 CVE Published
  • 2024-04-03 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
  • CWE-476: NULL Pointer Dereference
CAPEC
References (28)
URL Tag Source
http://cvs.openssl.org/chngview?cn=22252 X_refsource_confirm
http://secunia.com/advisories/48580 Third Party Advisory
http://secunia.com/advisories/48895 Third Party Advisory
http://secunia.com/advisories/48899 Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/03/12/3 Mailing List
http://www.openwall.com/lists/oss-security/2012/03/12/6 Mailing List
http://www.openwall.com/lists/oss-security/2012/03/12/7 Mailing List
http://www.openwall.com/lists/oss-security/2012/03/13/2 Mailing List
http://www.securityfocus.com/bid/52764 Vdb Entry
http://www.securitytracker.com/id?1026787 Vdb Entry
https://downloads.avaya.com/css/P8/documents/100162507 X_refsource_confirm
URL Date SRC
URL Date SRC
URL Date SRC
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 2018-01-13
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html 2018-01-13
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html 2018-01-13
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html 2018-01-13
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html 2018-01-13
http://marc.info/?l=bugtraq&m=133728068926468&w=2 2018-01-13
http://marc.info/?l=bugtraq&m=134039053214295&w=2 2018-01-13
http://rhn.redhat.com/errata/RHSA-2012-0426.html 2018-01-13
http://rhn.redhat.com/errata/RHSA-2012-0488.html 2018-01-13
http://rhn.redhat.com/errata/RHSA-2012-0531.html 2018-01-13
http://rhn.redhat.com/errata/RHSA-2012-1306.html 2018-01-13
http://rhn.redhat.com/errata/RHSA-2012-1307.html 2018-01-13
http://rhn.redhat.com/errata/RHSA-2012-1308.html 2018-01-13
http://www.debian.org/security/2012/dsa-2454 2018-01-13
http://www.ubuntu.com/usn/USN-1424-1 2018-01-13
https://access.redhat.com/security/cve/CVE-2012-1165 2012-09-24
https://bugzilla.redhat.com/show_bug.cgi?id=802489 2012-09-24
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 <= 0.9.8t
Search vendor "Openssl" for product "Openssl" and version " <= 0.9.8t"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.1c
Search vendor "Openssl" for product "Openssl" and version "0.9.1c"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.2b
Search vendor "Openssl" for product "Openssl" and version "0.9.2b"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.3
Search vendor "Openssl" for product "Openssl" and version "0.9.3"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.3a
Search vendor "Openssl" for product "Openssl" and version "0.9.3a"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.4
Search vendor "Openssl" for product "Openssl" and version "0.9.4"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.5
Search vendor "Openssl" for product "Openssl" and version "0.9.5"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.5
Search vendor "Openssl" for product "Openssl" and version "0.9.5"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.5
Search vendor "Openssl" for product "Openssl" and version "0.9.5"
beta2
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.5a
Search vendor "Openssl" for product "Openssl" and version "0.9.5a"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.5a
Search vendor "Openssl" for product "Openssl" and version "0.9.5a"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.5a
Search vendor "Openssl" for product "Openssl" and version "0.9.5a"
beta2
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6
Search vendor "Openssl" for product "Openssl" and version "0.9.6"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6
Search vendor "Openssl" for product "Openssl" and version "0.9.6"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6
Search vendor "Openssl" for product "Openssl" and version "0.9.6"
beta2
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6
Search vendor "Openssl" for product "Openssl" and version "0.9.6"
beta3
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6a
Search vendor "Openssl" for product "Openssl" and version "0.9.6a"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6a
Search vendor "Openssl" for product "Openssl" and version "0.9.6a"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6a
Search vendor "Openssl" for product "Openssl" and version "0.9.6a"
beta2
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6a
Search vendor "Openssl" for product "Openssl" and version "0.9.6a"
beta3
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6b
Search vendor "Openssl" for product "Openssl" and version "0.9.6b"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6c
Search vendor "Openssl" for product "Openssl" and version "0.9.6c"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6d
Search vendor "Openssl" for product "Openssl" and version "0.9.6d"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6e
Search vendor "Openssl" for product "Openssl" and version "0.9.6e"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6f
Search vendor "Openssl" for product "Openssl" and version "0.9.6f"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6g
Search vendor "Openssl" for product "Openssl" and version "0.9.6g"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6h
Search vendor "Openssl" for product "Openssl" and version "0.9.6h"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6i
Search vendor "Openssl" for product "Openssl" and version "0.9.6i"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6j
Search vendor "Openssl" for product "Openssl" and version "0.9.6j"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6k
Search vendor "Openssl" for product "Openssl" and version "0.9.6k"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6l
Search vendor "Openssl" for product "Openssl" and version "0.9.6l"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.6m
Search vendor "Openssl" for product "Openssl" and version "0.9.6m"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7
Search vendor "Openssl" for product "Openssl" and version "0.9.7"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7
Search vendor "Openssl" for product "Openssl" and version "0.9.7"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7
Search vendor "Openssl" for product "Openssl" and version "0.9.7"
beta2
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7
Search vendor "Openssl" for product "Openssl" and version "0.9.7"
beta3
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7
Search vendor "Openssl" for product "Openssl" and version "0.9.7"
beta4
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7
Search vendor "Openssl" for product "Openssl" and version "0.9.7"
beta5
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7
Search vendor "Openssl" for product "Openssl" and version "0.9.7"
beta6
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7a
Search vendor "Openssl" for product "Openssl" and version "0.9.7a"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7b
Search vendor "Openssl" for product "Openssl" and version "0.9.7b"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7c
Search vendor "Openssl" for product "Openssl" and version "0.9.7c"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7d
Search vendor "Openssl" for product "Openssl" and version "0.9.7d"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7e
Search vendor "Openssl" for product "Openssl" and version "0.9.7e"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7f
Search vendor "Openssl" for product "Openssl" and version "0.9.7f"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7g
Search vendor "Openssl" for product "Openssl" and version "0.9.7g"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7h
Search vendor "Openssl" for product "Openssl" and version "0.9.7h"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7i
Search vendor "Openssl" for product "Openssl" and version "0.9.7i"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7j
Search vendor "Openssl" for product "Openssl" and version "0.9.7j"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7k
Search vendor "Openssl" for product "Openssl" and version "0.9.7k"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7l
Search vendor "Openssl" for product "Openssl" and version "0.9.7l"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.7m
Search vendor "Openssl" for product "Openssl" and version "0.9.7m"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8
Search vendor "Openssl" for product "Openssl" and version "0.9.8"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8a
Search vendor "Openssl" for product "Openssl" and version "0.9.8a"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8b
Search vendor "Openssl" for product "Openssl" and version "0.9.8b"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8c
Search vendor "Openssl" for product "Openssl" and version "0.9.8c"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8d
Search vendor "Openssl" for product "Openssl" and version "0.9.8d"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8e
Search vendor "Openssl" for product "Openssl" and version "0.9.8e"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8f
Search vendor "Openssl" for product "Openssl" and version "0.9.8f"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8g
Search vendor "Openssl" for product "Openssl" and version "0.9.8g"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8h
Search vendor "Openssl" for product "Openssl" and version "0.9.8h"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8i
Search vendor "Openssl" for product "Openssl" and version "0.9.8i"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8j
Search vendor "Openssl" for product "Openssl" and version "0.9.8j"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8k
Search vendor "Openssl" for product "Openssl" and version "0.9.8k"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8l
Search vendor "Openssl" for product "Openssl" and version "0.9.8l"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8m
Search vendor "Openssl" for product "Openssl" and version "0.9.8m"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8m
Search vendor "Openssl" for product "Openssl" and version "0.9.8m"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8n
Search vendor "Openssl" for product "Openssl" and version "0.9.8n"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8o
Search vendor "Openssl" for product "Openssl" and version "0.9.8o"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8p
Search vendor "Openssl" for product "Openssl" and version "0.9.8p"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8q
Search vendor "Openssl" for product "Openssl" and version "0.9.8q"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8r
Search vendor "Openssl" for product "Openssl" and version "0.9.8r"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 0.9.8s
Search vendor "Openssl" for product "Openssl" and version "0.9.8s"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0
Search vendor "Openssl" for product "Openssl" and version "1.0.0"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0
Search vendor "Openssl" for product "Openssl" and version "1.0.0"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0
Search vendor "Openssl" for product "Openssl" and version "1.0.0"
beta2
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0
Search vendor "Openssl" for product "Openssl" and version "1.0.0"
beta3
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0
Search vendor "Openssl" for product "Openssl" and version "1.0.0"
beta4
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0
Search vendor "Openssl" for product "Openssl" and version "1.0.0"
beta5
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0a
Search vendor "Openssl" for product "Openssl" and version "1.0.0a"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0b
Search vendor "Openssl" for product "Openssl" and version "1.0.0b"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0c
Search vendor "Openssl" for product "Openssl" and version "1.0.0c"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0d
Search vendor "Openssl" for product "Openssl" and version "1.0.0d"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0e
Search vendor "Openssl" for product "Openssl" and version "1.0.0e"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0f
Search vendor "Openssl" for product "Openssl" and version "1.0.0f"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.0g
Search vendor "Openssl" for product "Openssl" and version "1.0.0g"
-
Affected