CVE-2015-1790

OpenSSL: PKCS7 crash with missing EnvelopedContent

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.

La función PKCS7_dataDecode en crypto/pkcs7/pk7_doit.c en OpenSSL anterior a 0.9.8zg, 1.0.0 anterior a 1.0.0s, 1.0.1 anterior a 1.0.1n, y 1.0.2 anterior a 1.0.2b permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída de aplicación) a través de un blob PKCS#7 que utiliza la codificación ASN.1 y al que le faltan datos EncryptedContent internos.

A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-02-17 CVE Reserved
2015-06-11 CVE Published
2024-08-06 CVE Updated
2024-08-12 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (55)

URL	Tag	Source
http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733
http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015
http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securityfocus.com/bid/75157	Vdb Entry
http://www.securityfocus.com/bid/91787	Vdb Entry
http://www.securitytracker.com/id/1032564	Vdb Entry
https://bto.bluecoat.com/security-advisory/sa98
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965
https://kc.mcafee.com/corporate/index?page=content&id=SB10122
https://openssl.org/news/secadv/20150611.txt
https://support.apple.com/kb/HT205031
https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc	2022-12-13
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	2022-12-13
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html	2022-12-13
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html	2022-12-13
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html	2022-12-13
http://marc.info/?l=bugtraq&m=143654156615516&w=2	2022-12-13
http://marc.info/?l=bugtraq&m=143880121627664&w=2	2022-12-13
http://marc.info/?l=bugtraq&m=144050155601375&w=2	2022-12-13
http://rhn.redhat.com/errata/RHSA-2015-1115.html	2022-12-13
http://rhn.redhat.com/errata/RHSA-2015-1197.html	2022-12-13
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl	2022-12-13
http://www.debian.org/security/2015/dsa-3287	2022-12-13
http://www.ubuntu.com/usn/USN-2639-1	2022-12-13
https://security.gentoo.org/glsa/201506-02	2022-12-13
https://www.openssl.org/news/secadv_20150611.txt	2022-12-13
https://access.redhat.com/security/cve/CVE-2015-1790	2015-06-30
https://bugzilla.redhat.com/show_bug.cgi?id=1228604	2015-06-30

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				<= 0.9.8zf Search vendor "Openssl" for product "Openssl" and version " <= 0.9.8zf"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta1		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta2		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta3		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta4		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0 Search vendor "Openssl" for product "Openssl" and version "1.0.0"		beta5		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0a Search vendor "Openssl" for product "Openssl" and version "1.0.0a"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0b Search vendor "Openssl" for product "Openssl" and version "1.0.0b"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0c Search vendor "Openssl" for product "Openssl" and version "1.0.0c"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0d Search vendor "Openssl" for product "Openssl" and version "1.0.0d"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0e Search vendor "Openssl" for product "Openssl" and version "1.0.0e"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0f Search vendor "Openssl" for product "Openssl" and version "1.0.0f"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0g Search vendor "Openssl" for product "Openssl" and version "1.0.0g"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0h Search vendor "Openssl" for product "Openssl" and version "1.0.0h"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0i Search vendor "Openssl" for product "Openssl" and version "1.0.0i"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0j Search vendor "Openssl" for product "Openssl" and version "1.0.0j"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0k Search vendor "Openssl" for product "Openssl" and version "1.0.0k"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0l Search vendor "Openssl" for product "Openssl" and version "1.0.0l"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0m Search vendor "Openssl" for product "Openssl" and version "1.0.0m"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0n Search vendor "Openssl" for product "Openssl" and version "1.0.0n"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0o Search vendor "Openssl" for product "Openssl" and version "1.0.0o"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0p Search vendor "Openssl" for product "Openssl" and version "1.0.0p"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0q Search vendor "Openssl" for product "Openssl" and version "1.0.0q"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.0r Search vendor "Openssl" for product "Openssl" and version "1.0.0r"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta1		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta2		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta3		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1a Search vendor "Openssl" for product "Openssl" and version "1.0.1a"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1b Search vendor "Openssl" for product "Openssl" and version "1.0.1b"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1c Search vendor "Openssl" for product "Openssl" and version "1.0.1c"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1d Search vendor "Openssl" for product "Openssl" and version "1.0.1d"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1e Search vendor "Openssl" for product "Openssl" and version "1.0.1e"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1f Search vendor "Openssl" for product "Openssl" and version "1.0.1f"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1g Search vendor "Openssl" for product "Openssl" and version "1.0.1g"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1h Search vendor "Openssl" for product "Openssl" and version "1.0.1h"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1i Search vendor "Openssl" for product "Openssl" and version "1.0.1i"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1j Search vendor "Openssl" for product "Openssl" and version "1.0.1j"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1k Search vendor "Openssl" for product "Openssl" and version "1.0.1k"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1l Search vendor "Openssl" for product "Openssl" and version "1.0.1l"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1m Search vendor "Openssl" for product "Openssl" and version "1.0.1m"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2 Search vendor "Openssl" for product "Openssl" and version "1.0.2"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2 Search vendor "Openssl" for product "Openssl" and version "1.0.2"		beta1		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2a Search vendor "Openssl" for product "Openssl" and version "1.0.2a"		-		Affected