CVE

Id
77555  
CVE No.
CVE-2015-0292  
Status
Candidate  
Description
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.  
Phase
Assigned (20141118)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
709916 77555 CVE-2015-0292 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1202395  View
709917 77555 CVE-2015-0292 CONFIRM:https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=d0666f289ac013094bbbf547bfbcd616199b7d2d  View
709918 77555 CVE-2015-0292 CONFIRM:https://rt.openssl.org/Ticket/Display.html?id=2608&user=guest&pass=guest  View
709919 77555 CVE-2015-0292 CONFIRM:https://www.openssl.org/news/secadv_20150319.txt  View
709920 77555 CVE-2015-0292 CONFIRM:https://access.redhat.com/articles/1384453  View
709921 77555 CVE-2015-0292 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html  View
709922 77555 CVE-2015-0292 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html  View
709923 77555 CVE-2015-0292 CONFIRM:https://bto.bluecoat.com/security-advisory/sa92  View
709924 77555 CVE-2015-0292 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html  View
709925 77555 CVE-2015-0292 CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html  View
709926 77555 CVE-2015-0292 CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html  View
709927 77555 CVE-2015-0292 CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680  View
709928 77555 CVE-2015-0292 CONFIRM:http://www.fortiguard.com/advisory/2015-03-24-openssl-vulnerabilities-march-2015  View
709929 77555 CVE-2015-0292 CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10110  View
709930 77555 CVE-2015-0292 DEBIAN:DSA-3197  View
709931 77555 CVE-2015-0292 URL:http://www.debian.org/security/2015/dsa-3197  View
709932 77555 CVE-2015-0292 FEDORA:FEDORA-2015-4300  View
709933 77555 CVE-2015-0292 URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.html  View
709934 77555 CVE-2015-0292 FEDORA:FEDORA-2015-4303  View
709935 77555 CVE-2015-0292 URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.html  View
709936 77555 CVE-2015-0292 FEDORA:FEDORA-2015-4320  View
709937 77555 CVE-2015-0292 URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.html  View
709938 77555 CVE-2015-0292 GENTOO:GLSA-201503-11  View
709939 77555 CVE-2015-0292 URL:https://security.gentoo.org/glsa/201503-11  View
709940 77555 CVE-2015-0292 HP:HPSBMU03380  View
709941 77555 CVE-2015-0292 URL:http://marc.info/?l=bugtraq&m=143748090628601&w=2  View
709942 77555 CVE-2015-0292 HP:HPSBMU03397  View
709943 77555 CVE-2015-0292 URL:http://marc.info/?l=bugtraq&m=144050297101809&w=2  View
709944 77555 CVE-2015-0292 HP:HPSBMU03409  View
709945 77555 CVE-2015-0292 URL:http://marc.info/?l=bugtraq&m=144050155601375&w=2  View
709946 77555 CVE-2015-0292 HP:HPSBUX03334  View
709947 77555 CVE-2015-0292 URL:http://marc.info/?l=bugtraq&m=143213830203296&w=2  View
709948 77555 CVE-2015-0292 HP:SSRT102000  View
709949 77555 CVE-2015-0292 URL:http://marc.info/?l=bugtraq&m=143213830203296&w=2  View
709950 77555 CVE-2015-0292 REDHAT:RHSA-2015:0716  View
709951 77555 CVE-2015-0292 URL:http://rhn.redhat.com/errata/RHSA-2015-0716.html  View
709952 77555 CVE-2015-0292 REDHAT:RHSA-2015:0715  View
709953 77555 CVE-2015-0292 URL:http://rhn.redhat.com/errata/RHSA-2015-0715.html  View
709954 77555 CVE-2015-0292 REDHAT:RHSA-2015:0752  View
709955 77555 CVE-2015-0292 URL:http://rhn.redhat.com/errata/RHSA-2015-0752.html  View
709956 77555 CVE-2015-0292 REDHAT:RHSA-2015:0800  View
709957 77555 CVE-2015-0292 URL:http://rhn.redhat.com/errata/RHSA-2015-0800.html  View
709958 77555 CVE-2015-0292 SUSE:SUSE-SU-2015:0578  View
709959 77555 CVE-2015-0292 URL:http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html  View
709960 77555 CVE-2015-0292 UBUNTU:USN-2537-1  View
709961 77555 CVE-2015-0292 URL:http://www.ubuntu.com/usn/USN-2537-1  View
709962 77555 CVE-2015-0292 BID:73228  View
709963 77555 CVE-2015-0292 URL:http://www.securityfocus.com/bid/73228  View
709964 77555 CVE-2015-0292 SECTRACK:1031929  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
7767 JVNDB-2015-003087 Adobe Connect の Web App におけるクロスサイトスクリプティングの脆弱性 Adobe Connect の Web App には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2015-0344 77555 4.3 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-003087.html  View