Vulnerability & Exploit Database

Back to search

OpenSSL Memory corruption in the ASN.1 encoder (CVE-2016-2108)

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) May 04, 2016 May 04, 2016 January 08, 2018

Description

The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

http-openssl-1_0_1-upgrade-1_0_1_o

Related Vulnerabilities