Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-0884

Опубликовано: 12 мар. 2012
Источник: redhat
CVSS2: 2.6
EPSS Низкий

Описание

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 3opensslWill not fix
Red Hat Enterprise Linux 3openssl096bWill not fix
Red Hat Enterprise Linux 4opensslWill not fix
Red Hat Enterprise Linux 4openssl096bWill not fix
Red Hat Enterprise Linux 5openssl097aWill not fix
Red Hat Enterprise Linux 6openssl098eWill not fix
Red Hat JBoss Enterprise Web Server 1opensslAffected
Red Hat Enterprise Linux 5opensslFixedRHSA-2012:042627.03.2012
Red Hat Enterprise Linux 6opensslFixedRHSA-2012:042627.03.2012
Red Hat JBoss Enterprise Application Platform 5.1FixedRHSA-2012:130724.09.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=802725openssl: CMS and PKCS#7 Bleichenbacher attack

EPSS

Процентиль: 86%
0.03127
Низкий

2.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-0884

ubuntu
больше 13 лет назад

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.

nvd логотип

CVE-2012-0884

nvd
больше 13 лет назад

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.

debian логотип

CVE-2012-0884

debian
больше 13 лет назад

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 i ...

github логотип

GHSA-wwwj-58hm-mxm3

github
больше 3 лет назад

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack.

oracle-oval логотип

ELSA-2012-0426

oracle-oval
больше 13 лет назад

ELSA-2012-0426: openssl security and bug fix update (MODERATE)

EPSS

Процентиль: 86%
0.03127
Низкий

2.6 Low

CVSS2