Описание
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
Отчет
This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 4 and 6.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 3 | openssl | Not affected | ||
| Red Hat Enterprise Linux 4 | openssl | Not affected | ||
| Red Hat Enterprise Linux 4 | openssl096b | Not affected | ||
| Red Hat Enterprise Linux 5 | openssl097a | Not affected | ||
| Red Hat Enterprise Linux 6 | openssl | Not affected | ||
| Red Hat Enterprise Linux 6 | openssl098e | Will not fix | ||
| Red Hat Enterprise Linux 5 | openssl | Fixed | RHSA-2012:0060 | 24.01.2012 |
| Red Hat JBoss Enterprise Application Platform 5.1 | Fixed | RHSA-2012:1307 | 24.09.2012 | |
| Red Hat JBoss Enterprise Application Platform 6.0 | Fixed | RHSA-2012:1308 | 24.09.2012 | |
| Red Hat JBoss Web Server 1.0 | Fixed | RHSA-2012:1306 | 24.09.2012 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_ ...
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check.
EPSS
4.3 Medium
CVSS2