Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-2105

Опубликовано: 05 мая 2016
Источник: ubuntu
Приоритет: low
EPSS Средний
CVSS2: 5
CVSS3: 7.5

Описание

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

РелизСтатусПримечание
artful

released

1.0.2g-1ubuntu5
bionic

released

1.0.2g-1ubuntu5
cosmic

released

1.0.2g-1ubuntu5
devel

released

1.0.2g-1ubuntu5
disco

released

1.0.2g-1ubuntu5
esm-infra-legacy/trusty

released

1.0.1f-1ubuntu2.19
esm-infra/bionic

released

1.0.2g-1ubuntu5
esm-infra/xenial

released

1.0.2g-1ubuntu4.1
precise

released

1.0.1-4ubuntu5.36
precise/esm

not-affected

1.0.1-4ubuntu5.36

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
trusty

ignored

end of standard support
trusty/esm

DNE

trusty was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 97%
0.34599
Средний

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-2105

CVSS3: 5.6
redhat
больше 9 лет назад

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

nvd логотип

CVE-2016-2105

CVSS3: 7.5
nvd
больше 9 лет назад

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

debian логотип

CVE-2016-2105

CVSS3: 7.5
debian
больше 9 лет назад

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode ...

github логотип

GHSA-rh28-x46h-8pcg

CVSS3: 7.5
github
больше 3 лет назад

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

fstec логотип

BDU:2020-02960

CVSS3: 7.5
fstec
больше 9 лет назад

Уязвимость функции EVP_EncodeUpdate (crypto/evp/encode.c) библиотеки OpenSSL, связанная с ошибкой при обработке числа, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 97%
0.34599
Средний

5 Medium

CVSS2

7.5 High

CVSS3

Уязвимость CVE-2016-2105