| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-2333 |
189 |
|
DoS |
2012-05-14 |
2013-03-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. |
|
2 |
CVE-2012-2110 |
119 |
|
DoS Overflow Mem. Corr. |
2012-04-19 |
2013-05-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. |
|
3 |
CVE-2012-1165 |
399 |
|
DoS |
2012-03-15 |
2013-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250. |
|
4 |
CVE-2012-0027 |
399 |
|
DoS |
2012-01-05 |
2012-07-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. |
|
5 |
CVE-2011-4619 |
399 |
|
DoS |
2012-01-05 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. |
|
6 |
CVE-2011-4577 |
399 |
|
DoS |
2012-01-05 |
2012-11-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers. |
|
7 |
CVE-2011-4576 |
310 |
|
+Info |
2012-01-05 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. |
|
8 |
CVE-2011-4108 |
310 |
|
|
2012-01-05 |
2012-11-06 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. |
|
9 |
CVE-2011-3210 |
399 |
|
DoS |
2011-09-22 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol. |
|
10 |
CVE-2011-3207 |
264 |
|
Bypass |
2011-09-22 |
2012-08-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. |
|
11 |
CVE-2011-1945 |
310 |
|
|
2011-05-31 |
2011-10-25 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation. |
|
12 |
CVE-2011-0014 |
399 |
|
DoS +Info |
2011-02-18 |
2011-08-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability." |
|
13 |
CVE-2010-4252 |
287 |
|
Bypass |
2010-12-06 |
2010-12-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol. |
|
14 |
CVE-2010-4180 |
|
|
|
2010-12-06 |
2012-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. |
|
15 |
CVE-2010-1633 |
264 |
|
Bypass +Info |
2010-06-03 |
2010-06-04 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information. |
|
16 |
CVE-2010-0742 |
310 |
|
Exec Code |
2010-06-03 |
2011-07-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. |
|
17 |
CVE-2009-4355 |
399 |
|
DoS |
2010-01-14 |
2013-05-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. |
