CVE-2015-0288
openssl: X509_to_X509_REQ NULL pointer dereference
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) via an invalid certificate key.
La función X509_to_X509_REQ en crypto/x509/x509_req.c en OpenSSL anterior a 0.9.8zf, 1.0.0 anterior a 1.0.0r, 1.0.1 anterior a 1.0.1m, y 1.0.2 anterior a 1.0.2a podría permitir a atacantes causar una denegación de servicio (referencia a puntero nulo y caída de aplicación) a través de una clave de certificado inválida.
A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-11-18 CVE Reserved
- 2015-03-19 CVE Published
- 2024-08-06 CVE Updated
- 2024-10-29 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (47)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | <= 0.9.8ze Search vendor "Openssl" for product "Openssl" and version " <= 0.9.8ze" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0a Search vendor "Openssl" for product "Openssl" and version "1.0.0a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0b Search vendor "Openssl" for product "Openssl" and version "1.0.0b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0c Search vendor "Openssl" for product "Openssl" and version "1.0.0c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0d Search vendor "Openssl" for product "Openssl" and version "1.0.0d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0e Search vendor "Openssl" for product "Openssl" and version "1.0.0e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0f Search vendor "Openssl" for product "Openssl" and version "1.0.0f" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0g Search vendor "Openssl" for product "Openssl" and version "1.0.0g" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0h Search vendor "Openssl" for product "Openssl" and version "1.0.0h" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0i Search vendor "Openssl" for product "Openssl" and version "1.0.0i" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0j Search vendor "Openssl" for product "Openssl" and version "1.0.0j" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0k Search vendor "Openssl" for product "Openssl" and version "1.0.0k" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0l Search vendor "Openssl" for product "Openssl" and version "1.0.0l" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0m Search vendor "Openssl" for product "Openssl" and version "1.0.0m" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0n Search vendor "Openssl" for product "Openssl" and version "1.0.0n" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0o Search vendor "Openssl" for product "Openssl" and version "1.0.0o" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0p Search vendor "Openssl" for product "Openssl" and version "1.0.0p" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.0q Search vendor "Openssl" for product "Openssl" and version "1.0.0q" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1a Search vendor "Openssl" for product "Openssl" and version "1.0.1a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1b Search vendor "Openssl" for product "Openssl" and version "1.0.1b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1c Search vendor "Openssl" for product "Openssl" and version "1.0.1c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1d Search vendor "Openssl" for product "Openssl" and version "1.0.1d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1e Search vendor "Openssl" for product "Openssl" and version "1.0.1e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1f Search vendor "Openssl" for product "Openssl" and version "1.0.1f" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1g Search vendor "Openssl" for product "Openssl" and version "1.0.1g" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1h Search vendor "Openssl" for product "Openssl" and version "1.0.1h" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1i Search vendor "Openssl" for product "Openssl" and version "1.0.1i" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1j Search vendor "Openssl" for product "Openssl" and version "1.0.1j" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1k Search vendor "Openssl" for product "Openssl" and version "1.0.1k" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.1l Search vendor "Openssl" for product "Openssl" and version "1.0.1l" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2 Search vendor "Openssl" for product "Openssl" and version "1.0.2" | - |
Affected
|