Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2015-0292
Deferred
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-19 Mar, 2015 | 22:59
Updated At-12 Apr, 2025 | 10:46

Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted base64 data that triggers a buffer overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
OpenSSL
openssl
>>openssl>>Versions up to 0.9.8z(inclusive)
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0
cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0a
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0b
cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0c
cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0d
cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0e
cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0f
cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0g
cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0h
cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0i
cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0j
cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0k
cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.0l
cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.1
cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.1a
cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.1b
cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.1c
cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.1d
cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.1e
cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.1f
cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
OpenSSL
openssl
>>openssl>>1.0.1g
cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680secalert@redhat.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.htmlsecalert@redhat.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.htmlsecalert@redhat.com
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.htmlsecalert@redhat.com
N/A
http://marc.info/?l=bugtraq&m=143213830203296&w=2secalert@redhat.com
N/A
http://marc.info/?l=bugtraq&m=143213830203296&w=2secalert@redhat.com
N/A
http://marc.info/?l=bugtraq&m=143748090628601&w=2secalert@redhat.com
N/A
http://marc.info/?l=bugtraq&m=144050155601375&w=2secalert@redhat.com
N/A
http://marc.info/?l=bugtraq&m=144050297101809&w=2secalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-0715.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-0716.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-0752.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2015-0800.htmlsecalert@redhat.com
N/A
http://www.debian.org/security/2015/dsa-3197secalert@redhat.com
N/A
http://www.fortiguard.com/advisory/2015-03-24-openssl-vulnerabilities-march-2015secalert@redhat.com
N/A
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlsecalert@redhat.com
N/A
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlsecalert@redhat.com
N/A
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlsecalert@redhat.com
N/A
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlsecalert@redhat.com
N/A
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlsecalert@redhat.com
N/A
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/73228secalert@redhat.com
N/A
http://www.securitytracker.com/id/1031929secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-2537-1secalert@redhat.com
N/A
https://access.redhat.com/articles/1384453secalert@redhat.com
N/A
https://bto.bluecoat.com/security-advisory/sa92secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1202395secalert@redhat.com
N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfsecalert@redhat.com
N/A
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=d0666f289ac013094bbbf547bfbcd616199b7d2dsecalert@redhat.com
N/A
https://kc.mcafee.com/corporate/index?page=content&id=SB10110secalert@redhat.com
N/A
https://rt.openssl.org/Ticket/Display.html?id=2608&user=guest&pass=guestsecalert@redhat.com
Exploit
https://security.gentoo.org/glsa/201503-11secalert@redhat.com
N/A
https://support.citrix.com/article/CTX216642secalert@redhat.com
N/A
https://www.openssl.org/news/secadv_20150319.txtsecalert@redhat.com
Vendor Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10680af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152733.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152734.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152844.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=143213830203296&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=143213830203296&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=143748090628601&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=144050155601375&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=144050297101809&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-0715.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-0716.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-0752.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2015-0800.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2015/dsa-3197af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.fortiguard.com/advisory/2015-03-24-openssl-vulnerabilities-march-2015af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/73228af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1031929af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2537-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/articles/1384453af854a3a-2127-422b-91ae-364da2661108
N/A
https://bto.bluecoat.com/security-advisory/sa92af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=1202395af854a3a-2127-422b-91ae-364da2661108
N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=d0666f289ac013094bbbf547bfbcd616199b7d2daf854a3a-2127-422b-91ae-364da2661108
N/A
https://kc.mcafee.com/corporate/index?page=content&id=SB10110af854a3a-2127-422b-91ae-364da2661108
N/A
https://rt.openssl.org/Ticket/Display.html?id=2608&user=guest&pass=guestaf854a3a-2127-422b-91ae-364da2661108
Exploit
https://security.gentoo.org/glsa/201503-11af854a3a-2127-422b-91ae-364da2661108
N/A
https://support.citrix.com/article/CTX216642af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.openssl.org/news/secadv_20150319.txtaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Change History
0Changes found
Details not found