Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenSSL ‘crypto/buffer/buffer.c’ 多个整数字符串错误漏洞
Vulnerability Description
OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层(SSL v2/v3)和安全传输层(TLS v1)协议的通用加密库,它支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 OpenSSL 0.9.8v版本中的crypto/buffer/buffer.c中存在多个整数字符串错误漏洞。远程攻击者可利用这些漏洞借助特制DER数据导致缓冲区溢出攻击,造成拒绝服务(内存损坏)或可能有其他未明影响。该漏洞已被X.509证书或RSA公钥证实。
CVSS Information
N/A
Vulnerability Type
N/A