CVE-2012-2110
OpenSSL - ASN1 BIO Memory Corruption
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
La función asn1_d2i_read_bio en OpenSSL antes de v0.9.8v, en v1.0.0 antes de v1.0.0i y en v1.0.1 antes de v1.0.1a no interpreta correctamente los enteros, lo que permite realizar ataques de desbordamiento de buffer a atacantes remotos, y provocar una denegación de servicio (por corrupción de memoria) o posiblemente tener un impacto no especificado, a través de datos DER debidamente modificados, como lo demuestra un certificado X.509 o una clave pública RSA.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-04-04 CVE Reserved
- 2012-04-19 CVE Published
- 2012-04-19 First Exploit
- 2024-08-06 CVE Updated
- 2024-10-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (42)
URL | Tag | Source |
---|---|---|
http://cvs.openssl.org/chngview?cn=22431 | X_refsource_confirm | |
http://cvs.openssl.org/chngview?cn=22434 | X_refsource_confirm | |
http://cvs.openssl.org/chngview?cn=22439 | X_refsource_confirm | |
http://osvdb.org/81223 | Vdb Entry | |
http://secunia.com/advisories/48847 | Third Party Advisory | |
http://secunia.com/advisories/48895 | Third Party Advisory | |
http://secunia.com/advisories/48899 | Third Party Advisory | |
http://secunia.com/advisories/48942 | Third Party Advisory | |
http://secunia.com/advisories/48999 | Third Party Advisory | |
http://secunia.com/advisories/57353 | Third Party Advisory | |
http://support.apple.com/kb/HT5784 | X_refsource_confirm | |
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564 | X_refsource_confirm | |
http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578 | X_refsource_confirm | |
http://www.securityfocus.com/bid/53158 | Vdb Entry | |
http://www.securitytracker.com/id?1026957 | Vdb Entry | |
https://kb.juniper.net/KB27376 | X_refsource_confirm |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/18756 | 2012-04-19 | |
http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html | 2024-08-06 | |
http://www.exploit-db.com/exploits/18756 | 2024-08-06 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0" | beta2 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0" | beta3 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0" | beta4 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0" | beta5 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0a Search vendor "Openssl" for product "Openssl" and version "1.0.0a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0b Search vendor "Openssl" for product "Openssl" and version "1.0.0b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0c Search vendor "Openssl" for product "Openssl" and version "1.0.0c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0d Search vendor "Openssl" for product "Openssl" and version "1.0.0d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0e Search vendor "Openssl" for product "Openssl" and version "1.0.0e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0g Search vendor "Openssl" for product "Openssl" and version "1.0.0g" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | <= 0.9.8u Search vendor "Openssl" for product "Openssl" and version " <= 0.9.8u" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.1c Search vendor "Openssl" for product "Openssl" and version "0.9.1c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.2b Search vendor "Openssl" for product "Openssl" and version "0.9.2b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.3 Search vendor "Openssl" for product "Openssl" and version "0.9.3" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.3a Search vendor "Openssl" for product "Openssl" and version "0.9.3a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.4 Search vendor "Openssl" for product "Openssl" and version "0.9.4" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.5 Search vendor "Openssl" for product "Openssl" and version "0.9.5" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.5 Search vendor "Openssl" for product "Openssl" and version "0.9.5" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.5 Search vendor "Openssl" for product "Openssl" and version "0.9.5" | beta2 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.5a Search vendor "Openssl" for product "Openssl" and version "0.9.5a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.5a Search vendor "Openssl" for product "Openssl" and version "0.9.5a" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.5a Search vendor "Openssl" for product "Openssl" and version "0.9.5a" | beta2 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6 Search vendor "Openssl" for product "Openssl" and version "0.9.6" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6 Search vendor "Openssl" for product "Openssl" and version "0.9.6" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6 Search vendor "Openssl" for product "Openssl" and version "0.9.6" | beta2 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6 Search vendor "Openssl" for product "Openssl" and version "0.9.6" | beta3 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6a Search vendor "Openssl" for product "Openssl" and version "0.9.6a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6a Search vendor "Openssl" for product "Openssl" and version "0.9.6a" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6a Search vendor "Openssl" for product "Openssl" and version "0.9.6a" | beta2 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6a Search vendor "Openssl" for product "Openssl" and version "0.9.6a" | beta3 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6b Search vendor "Openssl" for product "Openssl" and version "0.9.6b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6c Search vendor "Openssl" for product "Openssl" and version "0.9.6c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6d Search vendor "Openssl" for product "Openssl" and version "0.9.6d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6e Search vendor "Openssl" for product "Openssl" and version "0.9.6e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6f Search vendor "Openssl" for product "Openssl" and version "0.9.6f" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6g Search vendor "Openssl" for product "Openssl" and version "0.9.6g" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6h Search vendor "Openssl" for product "Openssl" and version "0.9.6h" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6i Search vendor "Openssl" for product "Openssl" and version "0.9.6i" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6j Search vendor "Openssl" for product "Openssl" and version "0.9.6j" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6k Search vendor "Openssl" for product "Openssl" and version "0.9.6k" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6l Search vendor "Openssl" for product "Openssl" and version "0.9.6l" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.6m Search vendor "Openssl" for product "Openssl" and version "0.9.6m" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7 Search vendor "Openssl" for product "Openssl" and version "0.9.7" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7 Search vendor "Openssl" for product "Openssl" and version "0.9.7" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7 Search vendor "Openssl" for product "Openssl" and version "0.9.7" | beta2 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7 Search vendor "Openssl" for product "Openssl" and version "0.9.7" | beta3 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7 Search vendor "Openssl" for product "Openssl" and version "0.9.7" | beta4 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7 Search vendor "Openssl" for product "Openssl" and version "0.9.7" | beta5 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7 Search vendor "Openssl" for product "Openssl" and version "0.9.7" | beta6 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7a Search vendor "Openssl" for product "Openssl" and version "0.9.7a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7b Search vendor "Openssl" for product "Openssl" and version "0.9.7b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7c Search vendor "Openssl" for product "Openssl" and version "0.9.7c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7d Search vendor "Openssl" for product "Openssl" and version "0.9.7d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7e Search vendor "Openssl" for product "Openssl" and version "0.9.7e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7f Search vendor "Openssl" for product "Openssl" and version "0.9.7f" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7g Search vendor "Openssl" for product "Openssl" and version "0.9.7g" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7h Search vendor "Openssl" for product "Openssl" and version "0.9.7h" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7i Search vendor "Openssl" for product "Openssl" and version "0.9.7i" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7j Search vendor "Openssl" for product "Openssl" and version "0.9.7j" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7k Search vendor "Openssl" for product "Openssl" and version "0.9.7k" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7l Search vendor "Openssl" for product "Openssl" and version "0.9.7l" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.7m Search vendor "Openssl" for product "Openssl" and version "0.9.7m" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8 Search vendor "Openssl" for product "Openssl" and version "0.9.8" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8a Search vendor "Openssl" for product "Openssl" and version "0.9.8a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8b Search vendor "Openssl" for product "Openssl" and version "0.9.8b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8c Search vendor "Openssl" for product "Openssl" and version "0.9.8c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8d Search vendor "Openssl" for product "Openssl" and version "0.9.8d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8e Search vendor "Openssl" for product "Openssl" and version "0.9.8e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8f Search vendor "Openssl" for product "Openssl" and version "0.9.8f" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8g Search vendor "Openssl" for product "Openssl" and version "0.9.8g" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8h Search vendor "Openssl" for product "Openssl" and version "0.9.8h" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8i Search vendor "Openssl" for product "Openssl" and version "0.9.8i" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8j Search vendor "Openssl" for product "Openssl" and version "0.9.8j" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8k Search vendor "Openssl" for product "Openssl" and version "0.9.8k" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8l Search vendor "Openssl" for product "Openssl" and version "0.9.8l" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8m Search vendor "Openssl" for product "Openssl" and version "0.9.8m" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8m Search vendor "Openssl" for product "Openssl" and version "0.9.8m" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8n Search vendor "Openssl" for product "Openssl" and version "0.9.8n" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8o Search vendor "Openssl" for product "Openssl" and version "0.9.8o" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8p Search vendor "Openssl" for product "Openssl" and version "0.9.8p" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8q Search vendor "Openssl" for product "Openssl" and version "0.9.8q" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8r Search vendor "Openssl" for product "Openssl" and version "0.9.8r" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8s Search vendor "Openssl" for product "Openssl" and version "0.9.8s" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 0.9.8t Search vendor "Openssl" for product "Openssl" and version "0.9.8t" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Openssl Search vendor "Redhat" for product "Openssl" | 0.9.6-15 Search vendor "Redhat" for product "Openssl" and version "0.9.6-15" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Openssl Search vendor "Redhat" for product "Openssl" | 0.9.6b-3 Search vendor "Redhat" for product "Openssl" and version "0.9.6b-3" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Openssl Search vendor "Redhat" for product "Openssl" | 0.9.7a-2 Search vendor "Redhat" for product "Openssl" and version "0.9.7a-2" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1" | beta2 |
Affected
|