Advisory ID

12449

Release date

2016-05-11

Last Updated

2016-05-11

Issue Severity

-

 

Source

Source

USCERT/NIST

Release date

2016-05-06

CVSS v2 Base Score

6.4 (MEDIUM)

Problem Description

ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer.

 

Find out more about CVE-2016-2176 from MITRE CVE directory and NIST NVD.

Impact

This vulnerability has no impact on FoxT products.

 

Affected Products

None.

Workaround

N/A

Obtaining Fixed Software

N/A

External References

OpenSSL Security Advisory










Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: April 16, 2019