CVE-2016-2176
published 2016-05-05

Priority: P3 | 48 | high | 8.2 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
EPSS: 22.84% (97.4th percentile)

The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.

Affected

21 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | os_x_el_capitan_v10.11.6_and_security_update_2016-004 | | |
| debian | openssl | | |
| openssl | openssl | <= 1.0.1s | |
| openssl | openssl | | |
| openssl | openssl | | |
| openssl | openssl | | |
| openssl | openssl | | |
| openssl | openssl | | |
| openssl | openssl | | |
| openssl | openssl | | |
| openssl | openssl | | |
| openssl | openssl | >= 0 < 1.0.2h-r0 | 1.0.2h-r0 |
| openssl | openssl | >= 0 < 1.0.2h-r0 | 1.0.2h-r0 |
| openssl | openssl | >= 0 < 1.0.2h-r0 | 1.0.2h-r0 |
| openssl | openssl | >= 0 < 1.0.2h-r0 | 1.0.2h-r0 |
| openssl | openssl | >= 0 < 1.0.2h-r0 | 1.0.2h-r0 |
| openssl | openssl | >= 0 < 1.0.2h-r0 | 1.0.2h-r0 |
| openssl | openssl | >= 0 < 1.0.2h-r0 | 1.0.2h-r0 |
| paloalto | cortex_xdr | | |
| paloalto | globalprotect | | |
| paloalto | pan-os | | |

CVSS provenance

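| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 8.2 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H |
| nvd | v2.0 | 6.4 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:P |
| osv | | 8.2 | HIGH | |
| vendor_debian | | 8.2 | LOW | |
| vendor_redhat | | 8.2 | HIGH | |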