Description

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.

Remediation

References

CVE-2012-2333

Related Vulnerabilities

SharePoint CVE-2020-1500 Vulnerability (CVE-2020-1500)

WordPress Plugin Newsletter-Send awesome emails from WordPress Multiple Vulnerabilities (6.8.1)

Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632)

WordPress Plugin Google Analytics Dashboard Multiple Unspecified Vulnerabilities (2.0.5)

ASP.NET MVC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-4075)

Severity

Medium

Classification

CVE-2012-2333

Tags

Missing Update Known Vulnerabilities