CVE-2012-2333

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
VendorProductVersion
opensslopenssl
𝑥
≤ 0.9.8w
opensslopenssl
0.9.1c:c
opensslopenssl
0.9.2b:b
opensslopenssl
0.9.3
opensslopenssl
0.9.3a:a
opensslopenssl
0.9.4
opensslopenssl
0.9.5
opensslopenssl
0.9.5:beta1
opensslopenssl
0.9.5:beta2
opensslopenssl
0.9.5a:a
opensslopenssl
0.9.5a:a
opensslopenssl
0.9.5a:a
opensslopenssl
0.9.6
opensslopenssl
0.9.6:beta1
opensslopenssl
0.9.6:beta2
opensslopenssl
0.9.6:beta3
opensslopenssl
0.9.6a:a
opensslopenssl
0.9.6a:a
opensslopenssl
0.9.6a:a
opensslopenssl
0.9.6a:a
opensslopenssl
0.9.6b:b
opensslopenssl
0.9.6c:c
opensslopenssl
0.9.6d:d
opensslopenssl
0.9.6e:e
opensslopenssl
0.9.6f:f
opensslopenssl
0.9.6g:g
opensslopenssl
0.9.6h:h
opensslopenssl
0.9.6i:i
opensslopenssl
0.9.6j:j
opensslopenssl
0.9.6k:k
opensslopenssl
0.9.6l:l
opensslopenssl
0.9.6m:m
opensslopenssl
0.9.7
opensslopenssl
0.9.7:beta1
opensslopenssl
0.9.7:beta2
opensslopenssl
0.9.7:beta3
opensslopenssl
0.9.7:beta4
opensslopenssl
0.9.7:beta5
opensslopenssl
0.9.7:beta6
opensslopenssl
0.9.7a:a
opensslopenssl
0.9.7b:b
opensslopenssl
0.9.7c:c
opensslopenssl
0.9.7d:d
opensslopenssl
0.9.7e:e
opensslopenssl
0.9.7f:f
opensslopenssl
0.9.7g:g
opensslopenssl
0.9.7h:h
opensslopenssl
0.9.7i:i
opensslopenssl
0.9.7j:j
opensslopenssl
0.9.7k:k
opensslopenssl
0.9.7l:l
opensslopenssl
0.9.7m:m
opensslopenssl
0.9.8
opensslopenssl
0.9.8a:a
opensslopenssl
0.9.8b:b
opensslopenssl
0.9.8c:c
opensslopenssl
0.9.8d:d
opensslopenssl
0.9.8e:e
opensslopenssl
0.9.8f:f
opensslopenssl
0.9.8g:g
opensslopenssl
0.9.8h:h
opensslopenssl
0.9.8i:i
opensslopenssl
0.9.8j:j
opensslopenssl
0.9.8k:k
opensslopenssl
0.9.8l:l
opensslopenssl
0.9.8m:m
opensslopenssl
0.9.8m:m
opensslopenssl
0.9.8n:n
opensslopenssl
0.9.8o:o
opensslopenssl
0.9.8p:p
opensslopenssl
0.9.8q:q
opensslopenssl
0.9.8r:r
opensslopenssl
0.9.8s:s
opensslopenssl
0.9.8t:t
opensslopenssl
0.9.8u:u
opensslopenssl
0.9.8v:v
redhatopenssl
0.9.6-15
redhatopenssl
0.9.6b-3:b
redhatopenssl
0.9.7a-2:a
opensslopenssl
1.0.0
opensslopenssl
1.0.0:beta1
opensslopenssl
1.0.0:beta2
opensslopenssl
1.0.0:beta3
opensslopenssl
1.0.0:beta4
opensslopenssl
1.0.0:beta5
opensslopenssl
1.0.0a:a
opensslopenssl
1.0.0b:b
opensslopenssl
1.0.0c:c
opensslopenssl
1.0.0d:d
opensslopenssl
1.0.0e:e
opensslopenssl
1.0.0f:f
opensslopenssl
1.0.0g:g
opensslopenssl
1.0.0h:h
opensslopenssl
1.0.1
opensslopenssl
1.0.1:beta1
opensslopenssl
1.0.1:beta2
opensslopenssl
1.0.1:beta3
opensslopenssl
1.0.1a:a
opensslopenssl
1.0.1b:b
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openssl
bullseye
1.1.1w-0+deb11u1
fixed
bullseye (security)
1.1.1w-0+deb11u2
fixed
bookworm
3.0.14-1~deb12u1
fixed
bookworm (security)
3.0.14-1~deb12u2
fixed
sid
3.3.2-2
fixed
trixie
3.3.2-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openssl
trusty
Fixed 1.0.1-4ubuntu6
released
saucy
Fixed 1.0.1-4ubuntu6
released
raring
Fixed 1.0.1-4ubuntu6
released
quantal
Fixed 1.0.1-4ubuntu6
released
precise
Fixed 1.0.1-4ubuntu5.2
released
oneiric
Fixed 1.0.0e-2ubuntu4.6
released
natty
Fixed 0.9.8o-5ubuntu1.7
released
lucid
Fixed 0.9.8k-7ubuntu8.13
released
hardy
Fixed 0.9.8g-4ubuntu3.19
released
openssl098
trusty
Fixed 0.9.8o-7ubuntu3.2.14.04.1
released
saucy
Fixed 0.9.8o-7ubuntu3.2.13.10.1
released
raring
ignored
quantal
ignored
precise
Fixed 0.9.8o-7ubuntu3.2
released
oneiric
ignored
natty
dne
lucid
dne
hardy
dne
Common Weakness Enumeration
References
http://cvs.openssl.org/chngview?cn=22538
http://cvs.openssl.org/chngview?cn=22547
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081460.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00020.html
http://marc.info/?l=bugtraq&m=134919053717161&w=2
http://marc.info/?l=bugtraq&m=134919053717161&w=2
http://marc.info/?l=bugtraq&m=136432043316835&w=2
http://marc.info/?l=bugtraq&m=136432043316835&w=2
http://rhn.redhat.com/errata/RHSA-2012-0699.html
http://rhn.redhat.com/errata/RHSA-2012-1306.html
http://rhn.redhat.com/errata/RHSA-2012-1307.html
http://rhn.redhat.com/errata/RHSA-2012-1308.html
http://secunia.com/advisories/49116
http://secunia.com/advisories/49208
http://secunia.com/advisories/49324
http://secunia.com/advisories/50768
http://secunia.com/advisories/51312
http://support.apple.com/kb/HT5784
http://www.cert.fi/en/reports/2012/vulnerability641549.html
http://www.debian.org/security/2012/dsa-2475
http://www.kb.cert.org/vuls/id/737740
http://www.mandriva.com/security/advisories?name=MDVSA-2012:073
http://www.openssl.org/news/secadv_20120510.txt
http://www.securityfocus.com/bid/53476
http://www.securitytracker.com/id?1027057
https://bugzilla.redhat.com/show_bug.cgi?id=820686
https://exchange.xforce.ibmcloud.com/vulnerabilities/75525
http://cvs.openssl.org/chngview?cn=22538
http://cvs.openssl.org/chngview?cn=22547
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081460.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00020.html
http://marc.info/?l=bugtraq&m=134919053717161&w=2
http://marc.info/?l=bugtraq&m=134919053717161&w=2
http://marc.info/?l=bugtraq&m=136432043316835&w=2
http://marc.info/?l=bugtraq&m=136432043316835&w=2
http://rhn.redhat.com/errata/RHSA-2012-0699.html
http://rhn.redhat.com/errata/RHSA-2012-1306.html
http://rhn.redhat.com/errata/RHSA-2012-1307.html
http://rhn.redhat.com/errata/RHSA-2012-1308.html
http://secunia.com/advisories/49116
http://secunia.com/advisories/49208
http://secunia.com/advisories/49324
http://secunia.com/advisories/50768
http://secunia.com/advisories/51312
http://support.apple.com/kb/HT5784
http://www.cert.fi/en/reports/2012/vulnerability641549.html
http://www.debian.org/security/2012/dsa-2475
http://www.kb.cert.org/vuls/id/737740
http://www.mandriva.com/security/advisories?name=MDVSA-2012:073
http://www.openssl.org/news/secadv_20120510.txt
http://www.securityfocus.com/bid/53476
http://www.securitytracker.com/id?1027057
https://bugzilla.redhat.com/show_bug.cgi?id=820686
https://exchange.xforce.ibmcloud.com/vulnerabilities/75525