The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the "openssl ts" command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl 1.0.1m |
||
openssl openssl 1.0.2a |
||
openssl openssl 1.0.1j |
||
openssl openssl 1.0.1h |
||
openssl openssl 1.0.2e |
||
openssl openssl 1.0.1r |
||
openssl openssl 1.0.2b |
||
openssl openssl 1.0.1c |
||
openssl openssl 1.0.1g |
||
openssl openssl 1.0.2g |
||
openssl openssl 1.0.1a |
||
openssl openssl 1.0.2h |
||
openssl openssl 1.0.1d |
||
openssl openssl 1.0.1t |
||
openssl openssl 1.0.2c |
||
openssl openssl 1.0.1p |
||
openssl openssl 1.0.1k |
||
openssl openssl 1.0.1b |
||
openssl openssl 1.0.1n |
||
openssl openssl 1.0.1q |
||
openssl openssl 1.0.1e |
||
openssl openssl 1.0.1l |
||
openssl openssl 1.0.1f |
||
openssl openssl 1.0.1s |
||
openssl openssl 1.0.1o |
||
openssl openssl 1.0.2 |
||
openssl openssl 1.0.2f |
||
openssl openssl 1.0.1i |
||
openssl openssl 1.0.1 |
||
openssl openssl 1.0.2d |
||
oracle linux 6 |
||
oracle linux 7 |