Description
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-2842.
Remediation
References
Related Vulnerabilities
WordPress Plugin Delete All Comments Easily Cross-Site Request Forgery (1.3)
WordPress Plugin Redirection Cross-Site Request Forgery (3.6.2)
WordPress Plugin Form Manager Remote Command Execution (1.7.2)
WordPress Plugin SecureMoz Security Audit PHP Object Injection (1.0.5)
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0825)