fkie_cve-2015-0287
Vulnerability from fkie_nvd
Published
2015-03-19 22:59
Modified
2024-11-21 02:22
Severity ?
Summary
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
References
secalert@redhat.comhttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=142841429220765&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143213830203296&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143213830203296&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=143748090628601&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=144050155601375&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=144050297101809&w=2
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-0715.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-0716.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-0752.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2015-0800.html
secalert@redhat.comhttp://support.apple.com/kb/HT204942
secalert@redhat.comhttp://www.debian.org/security/2015/dsa-3197
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:062
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:063
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
secalert@redhat.comhttp://www.securityfocus.com/bid/73227
secalert@redhat.comhttp://www.securitytracker.com/id/1031929
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2537-1
secalert@redhat.comhttps://access.redhat.com/articles/1384453
secalert@redhat.comhttps://bto.bluecoat.com/security-advisory/sa92
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1202380
secalert@redhat.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
secalert@redhat.comhttps://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=b717b083073b6cacc0a5e2397b661678aff7ae7f
secalert@redhat.comhttps://kc.mcafee.com/corporate/index?page=content&id=SB10110
secalert@redhat.comhttps://security.gentoo.org/glsa/201503-11
secalert@redhat.comhttps://support.apple.com/HT205212
secalert@redhat.comhttps://support.apple.com/HT205267
secalert@redhat.comhttps://support.citrix.com/article/CTX216642
secalert@redhat.comhttps://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A06.openssl.asc
secalert@redhat.comhttps://www.openssl.org/news/secadv_20150319.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=142841429220765&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143213830203296&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143213830203296&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=143748090628601&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144050155601375&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=144050297101809&w=2
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-0715.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-0716.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-0752.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2015-0800.html
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT204942
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2015/dsa-3197
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:063
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/73227
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031929
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2537-1
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/articles/1384453
af854a3a-2127-422b-91ae-364da2661108https://bto.bluecoat.com/security-advisory/sa92
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1202380
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=b717b083073b6cacc0a5e2397b661678aff7ae7f
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10110
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201503-11
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT205212
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT205267
af854a3a-2127-422b-91ae-364da2661108https://support.citrix.com/article/CTX216642
af854a3a-2127-422b-91ae-364da2661108https://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A06.openssl.asc
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv_20150319.txtVendor Advisory
Impacted products
Vendor Product Version
openssl openssl *
openssl openssl 1.0.0
openssl openssl 1.0.0a
openssl openssl 1.0.0b
openssl openssl 1.0.0c
openssl openssl 1.0.0d
openssl openssl 1.0.0e
openssl openssl 1.0.0f
openssl openssl 1.0.0g
openssl openssl 1.0.0h
openssl openssl 1.0.0i
openssl openssl 1.0.0j
openssl openssl 1.0.0k
openssl openssl 1.0.0l
openssl openssl 1.0.0m
openssl openssl 1.0.0n
openssl openssl 1.0.0o
openssl openssl 1.0.0p
openssl openssl 1.0.0q
openssl openssl 1.0.1
openssl openssl 1.0.1a
openssl openssl 1.0.1b
openssl openssl 1.0.1c
openssl openssl 1.0.1d
openssl openssl 1.0.1e
openssl openssl 1.0.1f
openssl openssl 1.0.1g
openssl openssl 1.0.1h
openssl openssl 1.0.1i
openssl openssl 1.0.1j
openssl openssl 1.0.1k
openssl openssl 1.0.1l
openssl openssl 1.0.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2907ED-57AA-41E4-9AC6-055F138B9204",
              "versionEndIncluding": "0.9.8ze",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "10FF0A06-DA61-4250-B083-67E55E362677",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A6BA453-C150-4159-B80B-5465EFF83F11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
              "matchCriteriaId": "638A2E69-8AB6-4FEA-852A-FEF16A500C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C47D3A-B99D-401D-B6B8-1194B2DB4809",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
              "matchCriteriaId": "08355B10-E004-4BE6-A5AE-4D428810580B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "738BCFDC-1C49-4774-95AE-E099F707DEF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B242C0-D27D-4644-AD19-5ACB853C9DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DC683F2-4346-4E5E-A8D7-67B4F4D7827B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
              "matchCriteriaId": "764B7D38-BC1B-47DB-B1DF-D092BDA4BFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
              "matchCriteriaId": "6604E7BE-9F9B-444D-A63A-F65D1CFDF3BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
              "matchCriteriaId": "132B9217-B0E0-4E3E-9096-162AA28E158E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*",
              "matchCriteriaId": "7619F9A0-9054-4217-93D1-3EA64876C5B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D82C405-17E2-4DF1-8DF5-315BD5A41595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C96806F-4718-4BD3-9102-55A26AA86498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A16CD99-AF7F-4931-AD2E-77727BA18FBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*",
              "matchCriteriaId": "88440697-754A-47A7-BF83-4D0EB68FFB10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD51F0FC-F426-4AE5-B3B9-B813C580EBAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D1C00C0-C77E-4255-9ECA-20F2673C7366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A66E6CF-39CF-412E-8EF0-8E10BA21B4A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "C684FB18-FDDC-4BED-A28C-C23EE6CD0094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74A79A7-4FAF-4C81-8622-050008B96AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEDACCB9-8D61-49EE-9957-9E58BC7BB031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*",
              "matchCriteriaId": "4993DD56-F9E3-4AC8-AC3E-BF204B950DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*",
              "matchCriteriaId": "E884B241-F9C3-44F8-A420-DE65F5F3D660",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A383620-B4F7-44A7-85DA-A4FF2E115D80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F0C6812-F455-49CF-B29B-9AC00306DA43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2D462C-A1B4-4572-A615-BDE9DC5F1E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*",
              "matchCriteriaId": "3703E445-17C0-4C85-A496-A35641C0C8DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F4034B9-EF1C-40E6-B92A-D4D7B7E7E774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABEC1927-F469-4B9E-B544-DA6CF90F0B34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n ASN1_item_ex_d2i en crypto/asn1/tasn_dec.c en OpenSSL anterior a 0.9.8zf, 1.0.0 anterior a 1.0.0r, 1.0.1 anterior a 1.0.1m, y 1.0.2 anterior a 1.0.2a no reinicializa estructuras de datos CHOICE y ADB, lo que podr\u00eda permitir a atacantes causar una denegaci\u00f3n de servicio (operaci\u00f3n de escritura inv\u00e1lida y corrupci\u00f3n de memoria) mediante el aprovechamiento de una aplicaci\u00f3n que depende del reuso de estructuras ASN.1."
    }
  ],
  "id": "CVE-2015-0287",
  "lastModified": "2024-11-21T02:22:43.930",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-03-19T22:59:05.770",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10680"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=142841429220765\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=143213830203296\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=143213830203296\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0715.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0716.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0752.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0800.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT204942"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2015/dsa-3197"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:063"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/73227"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id/1031929"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2537-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/articles/1384453"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bto.bluecoat.com/security-advisory/sa92"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202380"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=b717b083073b6cacc0a5e2397b661678aff7ae7f"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10110"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://security.gentoo.org/glsa/201503-11"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.apple.com/HT205212"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.apple.com/HT205267"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://support.citrix.com/article/CTX216642"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A06.openssl.asc"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv_20150319.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10680"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156823.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00062.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=142841429220765\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=143213830203296\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=143213830203296\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=144050297101809\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0715.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0716.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0752.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0800.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT204942"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2015/dsa-3197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/73227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2537-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/articles/1384453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bto.bluecoat.com/security-advisory/sa92"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=b717b083073b6cacc0a5e2397b661678aff7ae7f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201503-11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/HT205212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.apple.com/HT205267"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.citrix.com/article/CTX216642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-15%3A06.openssl.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv_20150319.txt"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-17"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.