CVE-2016-2108
05.05.2016, 01:59
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.Enginsight
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| openssl | openssl | 𝑥 ≤ 1.0.1n |
| openssl | openssl | 1.0.2 |
| openssl | openssl | 1.0.2:beta1 |
| openssl | openssl | 1.0.2:beta2 |
| openssl | openssl | 1.0.2:beta3 |
| openssl | openssl | 1.0.2a:a |
| openssl | openssl | 1.0.2b:b |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_hpc_node | 7.0 |
| redhat | enterprise_linux_hpc_node_eus | 7.2 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 7.2 |
| redhat | enterprise_linux_server_eus | 7.2 |
| redhat | enterprise_linux_workstation | 7.0 |
| android | 4.0 | |
| android | 4.0.1 | |
| android | 4.0.2 | |
| android | 4.0.3 | |
| android | 4.0.4 | |
| android | 4.1 | |
| android | 4.1.2 | |
| android | 4.2 | |
| android | 4.2.1 | |
| android | 4.2.2 | |
| android | 4.3 | |
| android | 4.3.1 | |
| android | 4.4 | |
| android | 4.4.1 | |
| android | 4.4.2 | |
| android | 4.4.3 | |
| android | 5.0 | |
| android | 5.0.1 | |
| android | 5.1 | |
| android | 5.1.0 | |
| android | 6.0 | |
| android | 6.0.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| openssl |
| ||||||||||||||||||||
| openssl098 |
|
Common Weakness Enumeration