CVE-2012-2333 (retired)

Priority
Description
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1
before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption,
allows remote attackers to cause a denial of service (buffer over-read) or
possibly have unspecified other impact via a crafted TLS packet that is not
properly handled during a certain explicit IV calculation.
Assigned-to
sbeattie
Notes
Package
Upstream:released (1.0.1c-1)
Ubuntu 14.04 ESM (Trusty Tahr):released (1.0.1-4ubuntu6)
Patches:
Vendor:http://www.debian.org/security/2012/dsa-2475
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):released (0.9.8o-7ubuntu4)
More Information

Updated: 2019-10-09 07:42:16 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)