crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Openssl
  • Openssl
Nodejs
  • Node.js
Novell
  • Suse Linux Enterprise Module For Web Scripting

Configuration 1 [-]

cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
References
Link Resource
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21995039 Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Patch Third Party Advisory
http://www.securityfocus.com/bid/93171 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036885 Third Party Advisory VDB Entry
https://bto.bluecoat.com/security-advisory/sa132 Third Party Advisory
https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=6e629b5be45face20b4ca71c4fcbfed78b864a2e
https://kc.mcafee.com/corporate/index?page=content&id=SB10171 Third Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc Third Party Advisory
https://security.gentoo.org/glsa/201612-16 Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us Third Party Advisory
https://www.openssl.org/news/secadv/20160926.txt Vendor Advisory
https://www.tenable.com/security/tns-2016-16 Third Party Advisory
https://www.tenable.com/security/tns-2016-19 Third Party Advisory
https://www.tenable.com/security/tns-2016-20 Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-09-26T19:00:00

Updated: 2018-07-11T09:57:01

Reserved: 2016-08-23T00:00:00

Link: CVE-2016-7052

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2016-09-26T19:59:07.533

Modified: 2023-11-07T02:34:13.277

Link: CVE-2016-7052

JSON object: View

cve-icon Redhat Information

No data.

CWE