CVE-2012-2333 (retired)

Priority
Description
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1
before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption,
allows remote attackers to cause a denial of service (buffer over-read) or
possibly have unspecified other impact via a crafted TLS packet that is not
properly handled during a certain explicit IV calculation.
Assigned-to
sbeattie
Package
Upstream:released (1.0.1c-1)
Ubuntu 14.04 LTS (Trusty Tahr):released (1.0.1-4ubuntu6)
Patches:
Vendor:http://www.debian.org/security/2012/dsa-2475
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (0.9.8o-7ubuntu3.2.14.04.1)
More Information

Updated: 2019-03-26 12:01:58 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)