Vulnerability-Lookup

CVE-2012-1165 (GCVE-0-2012-1165)

Vulnerability from cvelistv5 – Published: 2012-03-15 17:00 – Updated: 2024-08-06 18:53

Summary

The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://rhn.redhat.com/errata/RHSA-2012-0531.html	vendor-advisoryx_refsource_REDHAT
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/48899	third-party-advisoryx_refsource_SECUNIA
	https://downloads.avaya.com/css/P8/documents/100162507	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-1308.html	vendor-advisoryx_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2012/03/12/3	mailing-listx_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2012-1307.html	vendor-advisoryx_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2012/03/12/6	mailing-listx_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2012-0488.html	vendor-advisoryx_refsource_REDHAT
	http://www.debian.org/security/2012/dsa-2454	vendor-advisoryx_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-1424-1	vendor-advisoryx_refsource_UBUNTU
	http://secunia.com/advisories/48895	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/48580	third-party-advisoryx_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2012-1306.html	vendor-advisoryx_refsource_REDHAT
	http://www.securitytracker.com/id?1026787	vdb-entryx_refsource_SECTRACK
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://marc.info/?l=bugtraq&m=134039053214295&w=2	vendor-advisoryx_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2012-0426.html	vendor-advisoryx_refsource_REDHAT
	http://cvs.openssl.org/chngview?cn=22252	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=133728068926468&w=2	vendor-advisoryx_refsource_HP
	http://marc.info/?l=bugtraq&m=134039053214295&w=2	vendor-advisoryx_refsource_HP
	http://www.securityfocus.com/bid/52764	vdb-entryx_refsource_BID
	http://h20000.www2.hp.com/bizsupport/TechSupport/…	vendor-advisoryx_refsource_HP
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2012/03/13/2	mailing-listx_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2012/03/12/7	mailing-listx_refsource_MLIST
	http://marc.info/?l=bugtraq&m=133728068926468&w=2	vendor-advisoryx_refsource_HP

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:53:36.063Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2012-4630",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html"
          },
          {
            "name": "RHSA-2012:0531",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
          },
          {
            "name": "HPSBMU02786",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "FEDORA-2012-18035",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
          },
          {
            "name": "48899",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48899"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://downloads.avaya.com/css/P8/documents/100162507"
          },
          {
            "name": "RHSA-2012:1308",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
          },
          {
            "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/03/12/3"
          },
          {
            "name": "RHSA-2012:1307",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
          },
          {
            "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/03/12/6"
          },
          {
            "name": "RHSA-2012:0488",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
          },
          {
            "name": "DSA-2454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2454"
          },
          {
            "name": "USN-1424-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1424-1"
          },
          {
            "name": "48895",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48895"
          },
          {
            "name": "48580",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48580"
          },
          {
            "name": "RHSA-2012:1306",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
          },
          {
            "name": "1026787",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026787"
          },
          {
            "name": "FEDORA-2012-4665",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"
          },
          {
            "name": "HPSBOV02793",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
          },
          {
            "name": "RHSA-2012:0426",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0426.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.openssl.org/chngview?cn=22252"
          },
          {
            "name": "HPSBUX02782",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
          },
          {
            "name": "SSRT100891",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
          },
          {
            "name": "52764",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52764"
          },
          {
            "name": "SSRT100877",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "FEDORA-2012-4659",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html"
          },
          {
            "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/03/13/2"
          },
          {
            "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/03/12/7"
          },
          {
            "name": "SSRT100844",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-03-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-12T20:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2012-4630",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html"
        },
        {
          "name": "RHSA-2012:0531",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
        },
        {
          "name": "HPSBMU02786",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "FEDORA-2012-18035",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
        },
        {
          "name": "48899",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48899"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://downloads.avaya.com/css/P8/documents/100162507"
        },
        {
          "name": "RHSA-2012:1308",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
        },
        {
          "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/03/12/3"
        },
        {
          "name": "RHSA-2012:1307",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
        },
        {
          "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/03/12/6"
        },
        {
          "name": "RHSA-2012:0488",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
        },
        {
          "name": "DSA-2454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2454"
        },
        {
          "name": "USN-1424-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1424-1"
        },
        {
          "name": "48895",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48895"
        },
        {
          "name": "48580",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48580"
        },
        {
          "name": "RHSA-2012:1306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
        },
        {
          "name": "1026787",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026787"
        },
        {
          "name": "FEDORA-2012-4665",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"
        },
        {
          "name": "HPSBOV02793",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
        },
        {
          "name": "RHSA-2012:0426",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0426.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.openssl.org/chngview?cn=22252"
        },
        {
          "name": "HPSBUX02782",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
        },
        {
          "name": "SSRT100891",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
        },
        {
          "name": "52764",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52764"
        },
        {
          "name": "SSRT100877",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
        },
        {
          "name": "FEDORA-2012-4659",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html"
        },
        {
          "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/03/13/2"
        },
        {
          "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/03/12/7"
        },
        {
          "name": "SSRT100844",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-1165",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FEDORA-2012-4630",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html"
            },
            {
              "name": "RHSA-2012:0531",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
            },
            {
              "name": "HPSBMU02786",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "FEDORA-2012-18035",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
            },
            {
              "name": "48899",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48899"
            },
            {
              "name": "https://downloads.avaya.com/css/P8/documents/100162507",
              "refsource": "CONFIRM",
              "url": "https://downloads.avaya.com/css/P8/documents/100162507"
            },
            {
              "name": "RHSA-2012:1308",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
            },
            {
              "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2012/03/12/3"
            },
            {
              "name": "RHSA-2012:1307",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
            },
            {
              "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2012/03/12/6"
            },
            {
              "name": "RHSA-2012:0488",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
            },
            {
              "name": "DSA-2454",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2454"
            },
            {
              "name": "USN-1424-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1424-1"
            },
            {
              "name": "48895",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48895"
            },
            {
              "name": "48580",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48580"
            },
            {
              "name": "RHSA-2012:1306",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
            },
            {
              "name": "1026787",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026787"
            },
            {
              "name": "FEDORA-2012-4665",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"
            },
            {
              "name": "HPSBOV02793",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
            },
            {
              "name": "RHSA-2012:0426",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0426.html"
            },
            {
              "name": "http://cvs.openssl.org/chngview?cn=22252",
              "refsource": "CONFIRM",
              "url": "http://cvs.openssl.org/chngview?cn=22252"
            },
            {
              "name": "HPSBUX02782",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
            },
            {
              "name": "SSRT100891",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
            },
            {
              "name": "52764",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52764"
            },
            {
              "name": "SSRT100877",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "FEDORA-2012-4659",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html"
            },
            {
              "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2012/03/13/2"
            },
            {
              "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2012/03/12/7"
            },
            {
              "name": "SSRT100844",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-1165",
    "datePublished": "2012-03-15T17:00:00.000Z",
    "dateReserved": "2012-02-14T00:00:00.000Z",
    "dateUpdated": "2024-08-06T18:53:36.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2012-AVI-419

Vulnerability from certfr_avis - Published: 2012-08-03 - Updated: 2012-08-03

Cinq vulnérabilités ont été corrigées dans IBM AIX. Elles concernent sa partie OpenSSL. Les failles sont des débordements de mémoire tampon, des écrasements de pointeurs et des faiblesses cryptographiques.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	AIX	IBM AIX 5.3 et antérieures ;
IBM	AIX	IBM VIOS 2.X.
IBM	AIX	IBM AIX 7.1 et antérieures ;
IBM	AIX	IBM AIX 6.1 et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité IBM du 01 aout 2012	None	vendor-advisory
Bulletin de sécurité IBM du 01 août 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM AIX 5.3 et ant\u00e9rieures ;",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM VIOS 2.X.",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM AIX 7.1 et ant\u00e9rieures ;",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM AIX 6.1 et ant\u00e9rieures ;",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
    },
    {
      "name": "CVE-2012-0884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0884"
    },
    {
      "name": "CVE-2012-1165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1165"
    },
    {
      "name": "CVE-2012-2333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2333"
    },
    {
      "name": "CVE-2012-2131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2131"
    }
  ],
  "initial_release_date": "2012-08-03T00:00:00",
  "last_revision_date": "2012-08-03T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 IBM du 01 ao\u00fbt 2012 :",
      "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory4.asc"
    }
  ],
  "reference": "CERTA-2012-AVI-419",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-08-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Cinq vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eIBM\nAIX\u003c/span\u003e. Elles concernent sa partie \u003cspan\nclass=\"textit\"\u003eOpenSSL\u003c/span\u003e. Les failles sont des d\u00e9bordements de\nm\u00e9moire tampon, des \u00e9crasements de pointeurs et des faiblesses\ncryptographiques.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM AIX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM du 01 aout 2012",
      "url": null
    }
  ]
}

CERTA-2012-AVI-518

Vulnerability from certfr_avis - Published: 2012-09-24 - Updated: 2012-09-24

De multiples vulnérabilités ont été corrigées dans les produits Avaya. Les correctifs sont liés à la mise à jour de leurs systèmes Redhat.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
AVAYA	N/A	Avaya Aura Presence Services versions 6.x
AVAYA	N/A	Avaya Aura Communication Manager versions 6.x
AVAYA	N/A	Avaya Proactive Contact versions 5.x
AVAYA	N/A	Avaya IP Office Application Server versions 7.x
AVAYA	N/A	Avaya IP Office Application Server versions 6.x
AVAYA	N/A	Avaya Aura Communication Manager versions 5.x
AVAYA	N/A	Avaya Voice Portal version 5.1
AVAYA	N/A	Avaya IQ versions 5.x
AVAYA	N/A	Avaya Aura System Platform versions 1.x
AVAYA	N/A	Avaya Voice Portal version 5.0
AVAYA	N/A	Avaya Aura Messaging versions 6.x
AVAYA	N/A	Avaya Aura System Platform versions 6.0.x
AVAYA	N/A	Avaya Aura System Manager versions 6.x
AVAYA	N/A	Avaya Voice Portal version 5.1.1
AVAYA	N/A	Avaya Voice Portal version 5.1.2
AVAYA	N/A	Avaya Aura SIP Enablement Services versions 5.x
AVAYA	N/A	Avaya Aurora Session Manager version 6.2
AVAYA	N/A	Avaya IP Office Application Server versions 8.x
AVAYA	N/A	Avaya Aurora Session Manager versions 5.x
AVAYA	N/A	Avaya Aura System Manager versions 5.x
AVAYA	N/A	Avaya Aura Application Enablement Services versions 5.x
AVAYA	N/A	Avaya Aura Experience Portal versions 6.x
AVAYA	N/A	Avaya Meeting Exchange versions 5.x
AVAYA	N/A	Avaya Messaging Storage Server 5.2.x
AVAYA	N/A	Avaya Aura Conferencing Standard Edition versions 6.x
AVAYA	N/A	Avaya Aura Communication Manager versions 4.x
AVAYA	N/A	Avaya Aura Application Server 5300
AVAYA	N/A	Avaya Aurora Session Manager versions 1.x
AVAYA	N/A	Avaya Aurora Session Manager version 6.2.1
AVAYA	N/A	Avaya Communication Server 1000 versions 7.x
AVAYA	N/A	Avaya Aura Application Enablement Services versions 6.x
AVAYA	N/A	Avaya Aurora Session Manager versions 6.0.x
AVAYA	N/A	Avaya Communication Server 1000 versions 6.x
AVAYA	N/A	Avaya Aura System Platform version 6.2
AVAYA	N/A	Avaya Aura Communication Manager Utility Services versions 6.x
AVAYA	N/A	Avaya Aurora Session Manager versions 6.1.x

References

Title

Publication Time

Tags

Bulletins de sécurité Avaya	None	vendor-advisory
Bulletin de sécurité AVAYA du 18 septembre 2012 :	-	other
Bulletin de sécurité AVAYA du 18 septembre 2012 :	-	other
Bulletin de sécurité AVAYA du 19 septembre 2012 :	-	other
Bulletin de sécurité AVAYA du 18 septembre 2012 :	-	other
Bulletin de sécurité AVAYA du 19 septembre 2012 :	-	other
Bulletin de sécurité AVAYA du 18 septembre 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Avaya Aura Presence Services versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Communication Manager versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Proactive Contact versions 5.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya IP Office Application Server versions 7.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya IP Office Application Server versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Communication Manager versions 5.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Voice Portal version 5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya IQ versions 5.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura System Platform versions 1.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Voice Portal version 5.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Messaging versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura System Platform versions 6.0.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura System Manager versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Voice Portal version 5.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Voice Portal version 5.1.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura SIP Enablement Services versions 5.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aurora Session Manager version 6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya IP Office Application Server versions 8.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aurora Session Manager versions 5.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura System Manager versions 5.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Application Enablement Services versions 5.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Experience Portal versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Meeting Exchange versions 5.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Messaging Storage Server 5.2.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Conferencing Standard Edition versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Communication Manager versions 4.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Application Server 5300",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aurora Session Manager versions 1.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aurora Session Manager version 6.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Communication Server 1000 versions 7.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Application Enablement Services versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aurora Session Manager versions 6.0.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Communication Server 1000 versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura System Platform version 6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aura Communication Manager Utility Services versions 6.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    },
    {
      "description": "Avaya Aurora Session Manager versions 6.1.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "AVAYA",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-2213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2213"
    },
    {
      "name": "CVE-2010-4649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4649"
    },
    {
      "name": "CVE-2011-1044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1044"
    },
    {
      "name": "CVE-2011-2022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2022"
    },
    {
      "name": "CVE-2011-1746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1746"
    },
    {
      "name": "CVE-2011-0695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0695"
    },
    {
      "name": "CVE-2011-1745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1745"
    },
    {
      "name": "CVE-2012-0884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0884"
    },
    {
      "name": "CVE-2011-1776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1776"
    },
    {
      "name": "CVE-2011-4028",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4028"
    },
    {
      "name": "CVE-2011-1936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1936"
    },
    {
      "name": "CVE-2011-1593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1593"
    },
    {
      "name": "CVE-2011-1182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1182"
    },
    {
      "name": "CVE-2012-1165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1165"
    },
    {
      "name": "CVE-2012-0864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0864"
    },
    {
      "name": "CVE-2012-0841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
    },
    {
      "name": "CVE-2011-2492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2492"
    },
    {
      "name": "CVE-2011-1573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1573"
    },
    {
      "name": "CVE-2011-0419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
    },
    {
      "name": "CVE-2011-0711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0711"
    },
    {
      "name": "CVE-2011-1576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1576"
    }
  ],
  "initial_release_date": "2012-09-24T00:00:00",
  "last_revision_date": "2012-09-24T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 AVAYA du 18 septembre 2012 :",
      "url": "https://downloads.avaya.com/css/P8/documents/100160780"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 AVAYA du 18 septembre 2012 :",
      "url": "https://downloads.avaya.com/css/P8/documents/100160023"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 AVAYA du 19 septembre 2012 :",
      "url": "https://downloads.avaya.com/css/P8/documents/100162507"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 AVAYA du 18 septembre 2012 :",
      "url": "https://downloads.avaya.com/css/P8/documents/100160589"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 AVAYA du 19 septembre 2012 :",
      "url": "https://downloads.avaya.com/css/P8/documents/100147390"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 AVAYA du 18 septembre 2012 :",
      "url": "https://downloads.avaya.com/css/P8/documents/100141102"
    }
  ],
  "reference": "CERTA-2012-AVI-518",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-09-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eAvaya\u003c/span\u003e. Les correctifs sont li\u00e9s \u00e0 la mise \u00e0 jour\nde leurs syst\u00e8mes \u003cspan class=\"textit\"\u003eRedhat\u003c/span\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Avaya",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Avaya",
      "url": null
    }
  ]
}

CERTA-2012-AVI-134

Vulnerability from certfr_avis - Published: 2012-03-13 - Updated: 2012-03-13

Des vulnérabilités ont été corrigées dans OpenSSL et permettent de provoquer un déni de service à distance.

Description

Deux vulnérabilités ont été corrigées dans OpenSSL. Elles permettent à un attaquant de contourner la politique de sécurité et de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	OpenSSL	OpenSSL	OpenSSL versions 0.9.8t et antérieures.
	OpenSSL	OpenSSL	OpenSSL versions 1.0.0g et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité OpenSSL du 12 mars 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "OpenSSL versions 0.9.8t et ant\u00e9rieures.",
      "product": {
        "name": "OpenSSL",
        "vendor": {
          "name": "OpenSSL",
          "scada": false
        }
      }
    },
    {
      "description": "OpenSSL versions 1.0.0g et ant\u00e9rieures ;",
      "product": {
        "name": "OpenSSL",
        "vendor": {
          "name": "OpenSSL",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans OpenSSL. Elles permettent \u00e0\nun attaquant de contourner la politique de s\u00e9curit\u00e9 et de provoquer un\nd\u00e9ni de service \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-0884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0884"
    },
    {
      "name": "CVE-2012-1165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1165"
    }
  ],
  "initial_release_date": "2012-03-13T00:00:00",
  "last_revision_date": "2012-03-13T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-134",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-03-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Des vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans OpenSSL et permettent de\nprovoquer un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans OpenSSL",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 OpenSSL du 12 mars 2012",
      "url": "http://www.openssl.org/news/secadv_20120312.txt"
    }
  ]
}

CERTA-2012-AVI-286

Vulnerability from certfr_avis - Published: 2012-05-18 - Updated: 2012-05-18

De multiples vulnérabilités ont été corrigées dans HP-UX. Elles affectent l'environnement JAVA JRE et JDK ainsi que OpenSSL. Les failles sont majoritairement des dénis de service mais sont également présents des modifications de données et des accès non autorisés aux données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	HP-UX B.11.31.
N/A	N/A	HP-UX B.11.23 ;
N/A	N/A	HP-UX B.11.11 ;

References

Title

Publication Time

Tags

Bulletin de sécurité HP-UX c03316985 du 15 mai 2012	None	vendor-advisory
Bulletin de sécurité HP-UX c03333987 du 17 mai 2012	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HP-UX B.11.31.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX B.11.23 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "HP-UX B.11.11 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
    },
    {
      "name": "CVE-2010-4465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4465"
    },
    {
      "name": "CVE-2012-0502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0502"
    },
    {
      "name": "CVE-2010-4473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4473"
    },
    {
      "name": "CVE-2011-3556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
    },
    {
      "name": "CVE-2011-3545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3545"
    },
    {
      "name": "CVE-2011-3548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3548"
    },
    {
      "name": "CVE-2011-0864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
    },
    {
      "name": "CVE-2010-4447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4447"
    },
    {
      "name": "CVE-2011-4619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4619"
    },
    {
      "name": "CVE-2012-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
    },
    {
      "name": "CVE-2012-0505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0505"
    },
    {
      "name": "CVE-2011-3552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3552"
    },
    {
      "name": "CVE-2012-0499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0499"
    },
    {
      "name": "CVE-2011-0871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
    },
    {
      "name": "CVE-2011-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3560"
    },
    {
      "name": "CVE-2010-4448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4448"
    },
    {
      "name": "CVE-2010-4462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4462"
    },
    {
      "name": "CVE-2012-0884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0884"
    },
    {
      "name": "CVE-2006-7250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7250"
    },
    {
      "name": "CVE-2012-0506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0506"
    },
    {
      "name": "CVE-2011-0802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
    },
    {
      "name": "CVE-2012-0503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0503"
    },
    {
      "name": "CVE-2012-1165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1165"
    },
    {
      "name": "CVE-2010-4454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4454"
    },
    {
      "name": "CVE-2011-0862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
    },
    {
      "name": "CVE-2011-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3563"
    },
    {
      "name": "CVE-2011-0865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
    },
    {
      "name": "CVE-2011-0815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
    },
    {
      "name": "CVE-2010-4469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4469"
    },
    {
      "name": "CVE-2011-0814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
    },
    {
      "name": "CVE-2010-4475",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4475"
    },
    {
      "name": "CVE-2011-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
    },
    {
      "name": "CVE-2011-0867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
    },
    {
      "name": "CVE-2011-3549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3549"
    },
    {
      "name": "CVE-2011-3547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3547"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    },
    {
      "name": "CVE-2012-2131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2131"
    }
  ],
  "initial_release_date": "2012-05-18T00:00:00",
  "last_revision_date": "2012-05-18T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-286",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-05-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eHP-UX\u003c/span\u003e. Elles affectent l\u0027environnement JAVA \u003cspan\nclass=\"textit\"\u003eJRE\u003c/span\u003e et \u003cspan class=\"textit\"\u003eJDK\u003c/span\u003e ainsi que\n\u003cspan class=\"textit\"\u003eOpenSSL\u003c/span\u003e. Les failles sont majoritairement\ndes d\u00e9nis de service mais sont \u00e9galement pr\u00e9sents des modifications de\ndonn\u00e9es et des acc\u00e8s non autoris\u00e9s aux donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP-UX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP-UX c03316985 du 15 mai 2012",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03316985"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP-UX c03333987 du 17 mai 2012",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03316985"
    }
  ]
}

CERTA-2012-AVI-358

Vulnerability from certfr_avis - Published: 2012-06-29 - Updated: 2012-06-29

Vingt-huit vulnérabilités ont été corrigées dans HP System Management Homepage. Ces vulnérabilités touchent les versions Linux et Windows du produit et peuvent mener à une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Versions antérieures à HP System Management Homepage 7.1.1.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité HP c03360041 du 26 juin 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 HP System Management Homepage  7.1.1.\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-4415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4415"
    },
    {
      "name": "CVE-2012-0053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0053"
    },
    {
      "name": "CVE-2011-4078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4078"
    },
    {
      "name": "CVE-2012-0021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0021"
    },
    {
      "name": "CVE-2011-4619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4619"
    },
    {
      "name": "CVE-2012-2015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2015"
    },
    {
      "name": "CVE-2012-2012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2012"
    },
    {
      "name": "CVE-2011-4576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4576"
    },
    {
      "name": "CVE-2012-0031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0031"
    },
    {
      "name": "CVE-2012-2013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2013"
    },
    {
      "name": "CVE-2012-1823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1823"
    },
    {
      "name": "CVE-2011-4577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4577"
    },
    {
      "name": "CVE-2011-1944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
    },
    {
      "name": "CVE-2011-2834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2834"
    },
    {
      "name": "CVE-2011-4108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4108"
    },
    {
      "name": "CVE-2011-2821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2821"
    },
    {
      "name": "CVE-2012-1165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1165"
    },
    {
      "name": "CVE-2011-3607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3607"
    },
    {
      "name": "CVE-2012-2016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2016"
    },
    {
      "name": "CVE-2012-0036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0036"
    },
    {
      "name": "CVE-2012-0057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0057"
    },
    {
      "name": "CVE-2011-4317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4317"
    },
    {
      "name": "CVE-2011-4153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4153"
    },
    {
      "name": "CVE-2011-3379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3379"
    },
    {
      "name": "CVE-2011-4885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4885"
    },
    {
      "name": "CVE-2012-0830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0830"
    },
    {
      "name": "CVE-2012-0027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0027"
    },
    {
      "name": "CVE-2012-2014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2014"
    }
  ],
  "initial_release_date": "2012-06-29T00:00:00",
  "last_revision_date": "2012-06-29T00:00:00",
  "links": [],
  "reference": "CERTA-2012-AVI-358",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Vingt-huit vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eHP\nSystem Management Homepage\u003c/span\u003e. Ces vuln\u00e9rabilit\u00e9s touchent les\nversions \u003cspan class=\"textit\"\u003eLinux\u003c/span\u003e et \u003cspan\nclass=\"textit\"\u003eWindows\u003c/span\u003e du produit et peuvent mener \u00e0 une\nex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP System Management Homepage",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03360041 du 26 juin 2012",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
    }
  ]
}

FKIE_CVE-2012-1165

Vulnerability from fkie_nvd - Published: 2012-03-15 17:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	secalert@redhat.com	http://cvs.openssl.org/chngview?cn=22252
	secalert@redhat.com	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
	secalert@redhat.com	http://marc.info/?l=bugtraq&m=133728068926468&w=2
	secalert@redhat.com	http://marc.info/?l=bugtraq&m=134039053214295&w=2
	secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-0426.html
	secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-0488.html
	secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-0531.html
	secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-1306.html
	secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-1307.html
	secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-1308.html
	secalert@redhat.com	http://secunia.com/advisories/48580
	secalert@redhat.com	http://secunia.com/advisories/48895
	secalert@redhat.com	http://secunia.com/advisories/48899
	secalert@redhat.com	http://www.debian.org/security/2012/dsa-2454
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2012/03/12/3
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2012/03/12/6
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2012/03/12/7
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2012/03/13/2
	secalert@redhat.com	http://www.securityfocus.com/bid/52764
	secalert@redhat.com	http://www.securitytracker.com/id?1026787
	secalert@redhat.com	http://www.ubuntu.com/usn/USN-1424-1
	secalert@redhat.com	https://downloads.avaya.com/css/P8/documents/100162507
	af854a3a-2127-422b-91ae-364da2661108	http://cvs.openssl.org/chngview?cn=22252
	af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133728068926468&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134039053214295&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-0426.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-0488.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-0531.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1306.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1307.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1308.html
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48580
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48895
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48899
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2454
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2012/03/12/3
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2012/03/12/6
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2012/03/12/7
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2012/03/13/2
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/52764
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1026787
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1424-1
	af854a3a-2127-422b-91ae-364da2661108	https://downloads.avaya.com/css/P8/documents/100162507

Impacted products

Vendor	Product	Version
openssl	openssl	*
openssl	openssl	0.9.1c
openssl	openssl	0.9.2b
openssl	openssl	0.9.3
openssl	openssl	0.9.3a
openssl	openssl	0.9.4
openssl	openssl	0.9.5
openssl	openssl	0.9.5
openssl	openssl	0.9.5
openssl	openssl	0.9.5a
openssl	openssl	0.9.5a
openssl	openssl	0.9.5a
openssl	openssl	0.9.6
openssl	openssl	0.9.6
openssl	openssl	0.9.6
openssl	openssl	0.9.6
openssl	openssl	0.9.6a
openssl	openssl	0.9.6a
openssl	openssl	0.9.6a
openssl	openssl	0.9.6a
openssl	openssl	0.9.6b
openssl	openssl	0.9.6c
openssl	openssl	0.9.6d
openssl	openssl	0.9.6e
openssl	openssl	0.9.6f
openssl	openssl	0.9.6g
openssl	openssl	0.9.6h
openssl	openssl	0.9.6i
openssl	openssl	0.9.6j
openssl	openssl	0.9.6k
openssl	openssl	0.9.6l
openssl	openssl	0.9.6m
openssl	openssl	0.9.7
openssl	openssl	0.9.7
openssl	openssl	0.9.7
openssl	openssl	0.9.7
openssl	openssl	0.9.7
openssl	openssl	0.9.7
openssl	openssl	0.9.7
openssl	openssl	0.9.7a
openssl	openssl	0.9.7b
openssl	openssl	0.9.7c
openssl	openssl	0.9.7d
openssl	openssl	0.9.7e
openssl	openssl	0.9.7f
openssl	openssl	0.9.7g
openssl	openssl	0.9.7h
openssl	openssl	0.9.7i
openssl	openssl	0.9.7j
openssl	openssl	0.9.7k
openssl	openssl	0.9.7l
openssl	openssl	0.9.7m
openssl	openssl	0.9.8
openssl	openssl	0.9.8a
openssl	openssl	0.9.8b
openssl	openssl	0.9.8c
openssl	openssl	0.9.8d
openssl	openssl	0.9.8e
openssl	openssl	0.9.8f
openssl	openssl	0.9.8g
openssl	openssl	0.9.8h
openssl	openssl	0.9.8i
openssl	openssl	0.9.8j
openssl	openssl	0.9.8k
openssl	openssl	0.9.8l
openssl	openssl	0.9.8m
openssl	openssl	0.9.8m
openssl	openssl	0.9.8n
openssl	openssl	0.9.8o
openssl	openssl	0.9.8p
openssl	openssl	0.9.8q
openssl	openssl	0.9.8r
openssl	openssl	0.9.8s
openssl	openssl	1.0.0
openssl	openssl	1.0.0
openssl	openssl	1.0.0
openssl	openssl	1.0.0
openssl	openssl	1.0.0
openssl	openssl	1.0.0
openssl	openssl	1.0.0a
openssl	openssl	1.0.0b
openssl	openssl	1.0.0c
openssl	openssl	1.0.0d
openssl	openssl	1.0.0e
openssl	openssl	1.0.0f
openssl	openssl	1.0.0g

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "696376CD-ED8A-4086-AD60-C0D5F6999F80",
              "versionEndIncluding": "0.9.8t",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D983EC-61B0-4FD9-89B5-9878E4CE4405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7BE3C-8CA2-4FB2-B4AE-B201D88C2A9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4C5F05-BC0B-478D-9A6F-7C804777BA41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F417A1-5D97-4BC4-8B97-5AC40236DA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8847BD34-BDE6-4AE9-96D9-75B9CF93A6A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDB5A09-BE86-4352-9799-A875649EDB7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "B6231CAA-00A8-41CE-8436-B84518014CF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "A70AD93B-E876-4EAB-9970-752D42E15E99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F03FA9C0-24C7-46AC-92EC-7834BC34C79B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "716ADA01-38B8-4C15-A3BB-D9688DA30599",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "B73326F7-7DCE-4EDE-95D7-AE7AED263A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E4742C-A983-4F00-B24F-AB280C0E876D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "EA2D251C-9C45-4EFE-8262-E88AB7CE713A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "6D81E175-E698-40EF-9601-425893FFB1FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "FA0F25B7-A172-4300-8718-112E817A6165",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A0628DF-3A4C-4078-B615-22260671EABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "52B1BE89-BAE0-4656-943B-B9B81D9B54B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "D097222B-ED20-459C-9167-55751FA2C87A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "86DDC8F2-7920-4A73-927E-562C89806972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "962FCB86-15AD-4399-8B7D-EC1DEA919C59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
              "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
              "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
              "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
              "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
              "matchCriteriaId": "2636B92E-47D5-42EA-9585-A2B84FBE71CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
              "matchCriteriaId": "72FE2F46-2D0C-4C90-AFBE-D2E7B496D6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "9644CC68-1E91-45E7-8C53-1E3FC9976A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "9B1B98C4-1FFD-4A7C-AA86-A34BC6F7AB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*",
              "matchCriteriaId": "73934717-2DA3-4614-A076-D6EDA5EB0626",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
              "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE6CBD6-D6DD-4BC5-93F6-FDEA70163336",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
              "matchCriteriaId": "98693865-2E79-4BD6-9F89-1994BC9A3E73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6476506-EC37-4726-82DC-D0E8254A8CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D6ECEF7-CB16-4604-894B-6EB19F1CEF55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C81EF3D-4DB7-4799-9670-8D79E28CA184",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8116A66-175C-4E6D-9A9B-D54C1D97D213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
              "matchCriteriaId": "382C1679-DA1D-4FA4-9D5E-B86CC5052D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA28812-8A24-4FE1-BED9-D6D5BB023645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*",
              "matchCriteriaId": "9894D83E-2A27-446E-8B47-9C03CF802A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A9AC4D-E19B-431F-8679-B62F5F46BCF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4E446D-B9D3-45F2-9722-B41FA14A6C31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF4EA988-FC80-4170-8933-7C6663731981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F8F53B-24A1-4877-B16E-F1917C4E4E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
              "matchCriteriaId": "75D3ACD5-905F-42BB-BE1A-8382E9D823BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*",
              "matchCriteriaId": "766EA6F2-7FA4-4713-9859-9971CCD2FDCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFBC30B7-627D-48DC-8EF0-AE8FA0C6EDBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB38AEA-BAF0-4920-9A71-747C24444770",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F33EA2B-DE15-4695-A383-7A337AC38908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
              "matchCriteriaId": "261EE631-AB43-44FE-B02A-DFAAB8D35927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0E0BBF-D0BE-41A7-B9BB-C28F01000BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1365ED-4651-4AB2-A64B-43782EA2F0E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC82690C-DCED-47BA-AA93-4D0C9E95B806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B90ED1-DAB4-4239-8AD8-87E8D568D5D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C9BF2DD-85EF-49CF-8D83-0DB46449E333",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "6AEBE689-3952-46F0-BACA-BB03041C6D36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*",
              "matchCriteriaId": "86C46AB8-52E5-4385-9C5C-F63FF9DB82AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*",
              "matchCriteriaId": "564AA4E7-223E-48D8-B3E0-A461969CF530",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82CFB41-BEA5-4B5F-BCAA-9BAED22EEAF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C2AE06-B6E8-41C4-BB60-177AC4819CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB15C1F3-0DE8-4A50-B17C-618ECA58AABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*",
              "matchCriteriaId": "45491BD3-7C62-4422-B7DA-CB2741890FBA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "3A2075BD-6102-4B0F-839A-836E9585F43B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "2A2FA09E-2BF7-4968-B62D-00DA57F81EA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "F02E634E-1E3D-4E44-BADA-76F92483A732",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "FCC2B07A-49EF-411F-8A4D-89435E22B043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "7E9480D6-3B6A-4C41-B8C1-C3F945040772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "10FF0A06-DA61-4250-B083-67E55E362677",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A6BA453-C150-4159-B80B-5465EFF83F11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
              "matchCriteriaId": "638A2E69-8AB6-4FEA-852A-FEF16A500C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C47D3A-B99D-401D-B6B8-1194B2DB4809",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
              "matchCriteriaId": "08355B10-E004-4BE6-A5AE-4D428810580B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "738BCFDC-1C49-4774-95AE-E099F707DEF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B242C0-D27D-4644-AD19-5ACB853C9DC2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n mime_param_cmp en crypto/asn1/asn_mime.c en OpenSSL anteriores v0.9.8u y v1.x v1.0.0h permite atacantes remotos provocar una denegaci\u00f3n de servicio (desreferenciaci\u00f3n de punterio NULL y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de mensaje S/MIME manipulado, es una vulnerabilidad distinta a CVE-2006-7250."
    }
  ],
  "id": "CVE-2012-1165",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-03-15T17:55:00.977",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://cvs.openssl.org/chngview?cn=22252"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0426.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/48580"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/48895"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/48899"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2012/dsa-2454"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/7"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/13/2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/52764"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1026787"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-1424-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://downloads.avaya.com/css/P8/documents/100162507"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cvs.openssl.org/chngview?cn=22252"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0426.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/48580"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/48895"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/48899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2012/dsa-2454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/13/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/52764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1026787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1424-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://downloads.avaya.com/css/P8/documents/100162507"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-9VV4-XXFM-24FF

Vulnerability from github – Published: 2022-05-14 03:50 – Updated: 2022-05-14 03:50

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-1165"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-03-15T17:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250.",
  "id": "GHSA-9vv4-xxfm-24ff",
  "modified": "2022-05-14T03:50:20Z",
  "published": "2022-05-14T03:50:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1165"
    },
    {
      "type": "WEB",
      "url": "https://downloads.avaya.com/css/P8/documents/100162507"
    },
    {
      "type": "WEB",
      "url": "http://cvs.openssl.org/chngview?cn=22252"
    },
    {
      "type": "WEB",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0426.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48580"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48895"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48899"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2012/dsa-2454"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/6"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/12/7"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2012/03/13/2"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/52764"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1026787"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1424-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2012-1165

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-1165

Aliases

CVE-2012-1165

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-1165",
    "description": "The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250.",
    "id": "GSD-2012-1165",
    "references": [
      "https://www.suse.com/security/cve/CVE-2012-1165.html",
      "https://www.debian.org/security/2012/dsa-2454",
      "https://access.redhat.com/errata/RHSA-2012:1308",
      "https://access.redhat.com/errata/RHSA-2012:1307",
      "https://access.redhat.com/errata/RHSA-2012:1306",
      "https://access.redhat.com/errata/RHSA-2012:0426",
      "https://alas.aws.amazon.com/cve/html/CVE-2012-1165.html",
      "https://linux.oracle.com/cve/CVE-2012-1165.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-1165"
      ],
      "details": "The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250.",
      "id": "GSD-2012-1165",
      "modified": "2023-12-13T01:20:17.692117Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2012-1165",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "FEDORA-2012-4630",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html"
          },
          {
            "name": "RHSA-2012:0531",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
          },
          {
            "name": "HPSBMU02786",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "FEDORA-2012-18035",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
          },
          {
            "name": "48899",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/48899"
          },
          {
            "name": "https://downloads.avaya.com/css/P8/documents/100162507",
            "refsource": "CONFIRM",
            "url": "https://downloads.avaya.com/css/P8/documents/100162507"
          },
          {
            "name": "RHSA-2012:1308",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
          },
          {
            "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2012/03/12/3"
          },
          {
            "name": "RHSA-2012:1307",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
          },
          {
            "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2012/03/12/6"
          },
          {
            "name": "RHSA-2012:0488",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
          },
          {
            "name": "DSA-2454",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2012/dsa-2454"
          },
          {
            "name": "USN-1424-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1424-1"
          },
          {
            "name": "48895",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/48895"
          },
          {
            "name": "48580",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/48580"
          },
          {
            "name": "RHSA-2012:1306",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
          },
          {
            "name": "1026787",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1026787"
          },
          {
            "name": "FEDORA-2012-4665",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"
          },
          {
            "name": "HPSBOV02793",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
          },
          {
            "name": "RHSA-2012:0426",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0426.html"
          },
          {
            "name": "http://cvs.openssl.org/chngview?cn=22252",
            "refsource": "CONFIRM",
            "url": "http://cvs.openssl.org/chngview?cn=22252"
          },
          {
            "name": "HPSBUX02782",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
          },
          {
            "name": "SSRT100891",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
          },
          {
            "name": "52764",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/52764"
          },
          {
            "name": "SSRT100877",
            "refsource": "HP",
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
          },
          {
            "name": "FEDORA-2012-4659",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html"
          },
          {
            "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2012/03/13/2"
          },
          {
            "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2012/03/12/7"
          },
          {
            "name": "SSRT100844",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "0.9.8t",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-1165"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2012/03/12/6"
            },
            {
              "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2012/03/12/7"
            },
            {
              "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2012/03/13/2"
            },
            {
              "name": "[oss-security] 20120312 Re: CVE request: openssl: null pointer dereference issue",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2012/03/12/3"
            },
            {
              "name": "http://cvs.openssl.org/chngview?cn=22252",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://cvs.openssl.org/chngview?cn=22252"
            },
            {
              "name": "SSRT100891",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=134039053214295\u0026w=2"
            },
            {
              "name": "FEDORA-2012-4665",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html"
            },
            {
              "name": "DSA-2454",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2012/dsa-2454"
            },
            {
              "name": "USN-1424-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-1424-1"
            },
            {
              "name": "48895",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/48895"
            },
            {
              "name": "RHSA-2012:1306",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
            },
            {
              "name": "RHSA-2012:1307",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
            },
            {
              "name": "RHSA-2012:1308",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
            },
            {
              "name": "FEDORA-2012-4630",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html"
            },
            {
              "name": "48899",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/48899"
            },
            {
              "name": "RHSA-2012:0531",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
            },
            {
              "name": "RHSA-2012:0488",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0488.html"
            },
            {
              "name": "SSRT100877",
              "refsource": "HP",
              "tags": [],
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
            },
            {
              "name": "52764",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/52764"
            },
            {
              "name": "https://downloads.avaya.com/css/P8/documents/100162507",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://downloads.avaya.com/css/P8/documents/100162507"
            },
            {
              "name": "FEDORA-2012-18035",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
            },
            {
              "name": "SSRT100844",
              "refsource": "HP",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=133728068926468\u0026w=2"
            },
            {
              "name": "48580",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/48580"
            },
            {
              "name": "FEDORA-2012-4659",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html"
            },
            {
              "name": "RHSA-2012:0426",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0426.html"
            },
            {
              "name": "1026787",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1026787"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-01-13T02:29Z",
      "publishedDate": "2012-03-15T17:55Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-1165 (GCVE-0-2012-1165)

Solution

Solution

Description

Solution

Solution

Solution

Tags

Sightings

Nomenclature