Vulnerability Details : CVE-2012-2110
Potential exploit
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.
Vulnerability category: OverflowMemory CorruptionDenial of service
Products affected by CVE-2012-2110
- cpe:2.3:a:redhat:openssl:0.9.6b-3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openssl:0.9.7a-2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openssl:0.9.6-15:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-2110
6.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 90 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-2110
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2012-2110
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-2110
-
http://cvs.openssl.org/chngview?cn=22439
-
http://cvs.openssl.org/chngview?cn=22431
-
http://www.securitytracker.com/id?1026957
OpenSSL asn1_d2i_read_bio() Buffer Overflow Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://rhn.redhat.com/errata/RHSA-2012-1307.html
RHSA-2012:1307 - Security Advisory - Red Hat Customer Portal
-
http://support.apple.com/kb/HT5784
About the security content of OS X Mountain Lion v10.8.4 and Security Update 2013-002 - Apple Support
-
http://www.ubuntu.com/usn/USN-1424-1
USN-1424-1: OpenSSL vulnerabilities | Ubuntu security notices
-
http://marc.info/?l=bugtraq&m=133951357207000&w=2
'[security bulletin] HPSBMU02776 SSRT100852 rev.1 - HP Onboard Administrator (OA), Remote Unauthorize' - MARC
-
http://rhn.redhat.com/errata/RHSA-2012-0522.html
RHSA-2012:0522 - Security Advisory - Red Hat Customer Portal
-
http://marc.info/?l=bugtraq&m=134039053214295&w=2
'[security bulletin] HPSBOV02793 SSRT100891 rev.1 - HP OpenVMS running SSL, Remote Denial of Service' - MARC
-
http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html
Exploit
-
http://secunia.com/advisories/48847
Sign in
-
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html
[SECURITY] Fedora 15 Update: openssl-1.0.0i-1.fc15
-
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
Security Bulletin: Storage HMC OpenSSL upgrade to address cryptographic vulnerabilities.
-
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html
[SECURITY] Fedora 17 Update: openssl-1.0.0i-1.fc17
-
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
HP Support for Technical Help and Troubleshooting | HP® Customer Service.
-
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html
[SECURITY] Fedora 16 Update: openssl-1.0.0i-1.fc16
-
http://www.exploit-db.com/exploits/18756
OpenSSL - ASN1 BIO Memory Corruption - Multiple dos Exploit
-
http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
Collax bietet flexible Serverlösungen für KMU und Freiberufler. Mit unseren Lösugen für Virtualisierung und Hochverfügbarkeit vermeiden Sie Ausfallzeiten Ihrer IT. - Collax
-
http://rhn.redhat.com/errata/RHSA-2012-1308.html
RHSA-2012:1308 - Security Advisory - Red Hat Customer Portal
-
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
Apple - Lists.apple.com
-
http://www.debian.org/security/2012/dsa-2454
Debian -- Security Information -- DSA-2454-2 openssl
-
http://www.mandriva.com/security/advisories?name=MDVSA-2012:060
mandriva.com
-
http://osvdb.org/81223
-
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html
[security-announce] SUSE-SU-2012:0637-1: important: Security update for
-
http://www.securityfocus.com/bid/53158
OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
-
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html
[security-announce] SUSE-SU-2012:0623-1: important: Security update for
-
http://rhn.redhat.com/errata/RHSA-2012-1306.html
RHSA-2012:1306 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2012-0518.html
RHSA-2012:0518 - Security Advisory - Red Hat Customer Portal
-
http://cvs.openssl.org/chngview?cn=22434
-
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
[SECURITY] Fedora 18 Update: mingw-openssl-1.0.1c-1.fc18
-
https://kb.juniper.net/KB27376
Juniper Networks - 2013-05 Security Bulletin: Steel Belted Radius: OpenSSL vulnerability CVE-2012-2110
-
http://marc.info/?l=bugtraq&m=133728068926468&w=2
'[security bulletin] HPSBUX02782 SSRT100844 rev.1 - HP-UX Running OpenSSL, Remote Denial of' - MARC
-
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
[security-announce] SUSE-SU-2012:1149-1: important: Security update for
-
http://www.openssl.org/news/secadv_20120419.txt
Vendor Advisory
Jump to