CVE-2012-0050

{"id": "CVE-2012-0050", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-01-19T19:55:01.350", "references": [{"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc", "source": "secalert@redhat.com"}, {"url": "http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03169289", "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html", "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=133951357207000&w=2", "source": "secalert@redhat.com"}, {"url": "http://marc.info/?l=bugtraq&m=134039053214295&w=2", "source": "secalert@redhat.com"}, {"url": "http://osvdb.org/78320", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/47631", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/47677", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/47755", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/48528", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/57353", "source": "secalert@redhat.com"}, {"url": "http://support.apple.com/kb/HT5784", "source": "secalert@redhat.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564", "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2012/dsa-2392", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:011", "source": "secalert@redhat.com"}, {"url": "http://www.openssl.org/news/secadv_20120118.txt", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/51563", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1026548", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108."}, {"lang": "es", "value": "OpenSSL v0.9.8s y v1.0.0f no admite correctamente las aplicaciones DTLS, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores no especificados. NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incorrecta para el CVE-2011-4108."}], "lastModified": "2023-11-07T02:09:52.977", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45491BD3-7C62-4422-B7DA-CB2741890FBA"}, {"criteria": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "738BCFDC-1C49-4774-95AE-E099F707DEF9"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}