<!– OpenSSL memory corruption –>
OpenSSL memory corruption
news /
advisories /
forum /
software /
advertising /
search /
exploits
<!–
google_ad_client = “pub-9080155680222782”;
google_ad_width = 468;
google_ad_height = 15;
google_ad_format = “468x15_0ads_al”;
//2007-01-19: Inside
google_ad_channel = “6209105484”;
google_color_border = “333333”;
google_color_bg = “0D0030”;
google_color_link = “AAAAAA”;
google_color_text = “999999”;
google_color_url = “C0C0C0”;
//–><!– script type="text/javascript"
src=”http://pagead2.googlesyndication.com/pagead/show_ads.js” –>
BUGTRAQSecurityVulns ID:12332Type:CVE-2012-2110 (The asn1_d2i_read_bio function in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.)Original documentDEBIAN, [SECURITY] [DSA 2454-1] openssl security update (22.04.2012)Discuss:Read or add your comments to this news (0 comments)
Article source: http://securityvulns.com/news/OpenSSL/CVE-2012-2110.html
View full post on National Cyber Security