Description

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.

Remediation

References

CVE-2012-2333

Related Vulnerabilities

WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.14)

WordPress Plugin PHP Analytics Arbitrary File Upload (1.0.0.2)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.3.4)

MySQL Other Vulnerability (CVE-1999-1188)

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-1499)

Severity

Medium

Classification

CVE-2012-2333

Tags

Missing Update Known Vulnerabilities