cve-2016-2108
Vulnerability from cvelistv5
Published
2016-05-05 00:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
54.77% (0.97755)
Summary
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.
References
secalert@redhat.comhttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html
secalert@redhat.comhttp://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-0722.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-0996.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-2056.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-2073.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-2957.html
secalert@redhat.comhttp://source.android.com/security/bulletin/2016-07-01.html
secalert@redhat.comhttp://support.citrix.com/article/CTX212736
secalert@redhat.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl
secalert@redhat.comhttp://www.debian.org/security/2016/dsa-3566
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
secalert@redhat.comhttp://www.securityfocus.com/bid/89752
secalert@redhat.comhttp://www.securityfocus.com/bid/91787
secalert@redhat.comhttp://www.securitytracker.com/id/1035721
secalert@redhat.comhttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2959-1
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2016:1137
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:0193
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:0194
secalert@redhat.comhttps://bto.bluecoat.com/security-advisory/sa123
secalert@redhat.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
secalert@redhat.comhttps://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871
secalert@redhat.comhttps://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27
secalert@redhat.comhttps://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us
secalert@redhat.comhttps://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us
secalert@redhat.comhttps://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804
secalert@redhat.comhttps://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202
secalert@redhat.comhttps://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr
secalert@redhat.comhttps://security.gentoo.org/glsa/201612-16
secalert@redhat.comhttps://security.netapp.com/advisory/ntap-20160504-0001/
secalert@redhat.comhttps://support.apple.com/HT206903
secalert@redhat.comhttps://www.openssl.org/news/secadv/20160503.txtVendor Advisory
secalert@redhat.comhttps://www.tenable.com/security/tns-2016-18
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-0722.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-0996.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-2056.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-2073.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-2957.html
af854a3a-2127-422b-91ae-364da2661108http://source.android.com/security/bulletin/2016-07-01.html
af854a3a-2127-422b-91ae-364da2661108http://support.citrix.com/article/CTX212736
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2016/dsa-3566
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/89752
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91787
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1035721
af854a3a-2127-422b-91ae-364da2661108http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2959-1
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2016:1137
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0193
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0194
af854a3a-2127-422b-91ae-364da2661108https://bto.bluecoat.com/security-advisory/sa123
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804
af854a3a-2127-422b-91ae-364da2661108https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202
af854a3a-2127-422b-91ae-364da2661108https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201612-16
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20160504-0001/
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT206903
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv/20160503.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2016-18
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T23:17:50.714Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SSA:2016-124-01",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103",
               },
               {
                  name: "RHSA-2016:2056",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html",
               },
               {
                  name: "openSUSE-SU-2016:1238",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html",
               },
               {
                  name: "openSUSE-SU-2016:1242",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html",
               },
               {
                  name: "SUSE-SU-2016:1267",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html",
               },
               {
                  name: "RHSA-2016:2073",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us",
               },
               {
                  name: "DSA-3566",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3566",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
               },
               {
                  name: "openSUSE-SU-2016:1243",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html",
               },
               {
                  name: "GLSA-201612-16",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201612-16",
               },
               {
                  name: "SUSE-SU-2016:1228",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html",
               },
               {
                  name: "1035721",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1035721",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://support.citrix.com/article/CTX212736",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27",
               },
               {
                  name: "openSUSE-SU-2016:1239",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html",
               },
               {
                  name: "SUSE-SU-2016:1206",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345",
               },
               {
                  name: "FEDORA-2016-1e39d934ed",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html",
               },
               {
                  name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl",
               },
               {
                  name: "SUSE-SU-2016:1231",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
               },
               {
                  name: "FEDORA-2016-1411324654",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html",
               },
               {
                  name: "openSUSE-SU-2016:1240",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862",
               },
               {
                  name: "openSUSE-SU-2016:1241",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html",
               },
               {
                  name: "APPLE-SA-2016-07-18-1",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html",
               },
               {
                  name: "SUSE-SU-2016:1360",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/tns-2016-18",
               },
               {
                  name: "SUSE-SU-2016:1233",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html",
               },
               {
                  name: "RHSA-2017:0194",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0194",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-07-01.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804",
               },
               {
                  name: "RHSA-2017:0193",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0193",
               },
               {
                  name: "openSUSE-SU-2016:1237",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202",
               },
               {
                  name: "RHSA-2016:0996",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20160504-0001/",
               },
               {
                  name: "91787",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91787",
               },
               {
                  name: "SUSE-SU-2016:1290",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html",
               },
               {
                  name: "openSUSE-SU-2016:1273",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html",
               },
               {
                  name: "RHSA-2016:2957",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html",
               },
               {
                  name: "USN-2959-1",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2959-1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
               },
               {
                  name: "RHSA-2016:0722",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openssl.org/news/secadv/20160503.txt",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/HT206903",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://bto.bluecoat.com/security-advisory/sa123",
               },
               {
                  name: "89752",
                  tags: [
                     "vdb-entry",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/89752",
               },
               {
                  name: "FEDORA-2016-05c567df1a",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html",
               },
               {
                  name: "RHSA-2016:1137",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2016:1137",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the \"negative zero\" issue.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-12-13T00:00:00",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "SSA:2016-124-01",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103",
            },
            {
               name: "RHSA-2016:2056",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2056.html",
            },
            {
               name: "openSUSE-SU-2016:1238",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html",
            },
            {
               name: "openSUSE-SU-2016:1242",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html",
            },
            {
               name: "SUSE-SU-2016:1267",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html",
            },
            {
               name: "RHSA-2016:2073",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2073.html",
            },
            {
               url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us",
            },
            {
               name: "DSA-3566",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.debian.org/security/2016/dsa-3566",
            },
            {
               url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
            },
            {
               url: "http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
            },
            {
               name: "openSUSE-SU-2016:1243",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html",
            },
            {
               name: "GLSA-201612-16",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.gentoo.org/glsa/201612-16",
            },
            {
               name: "SUSE-SU-2016:1228",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html",
            },
            {
               name: "1035721",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securitytracker.com/id/1035721",
            },
            {
               url: "http://support.citrix.com/article/CTX212736",
            },
            {
               url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27",
            },
            {
               name: "openSUSE-SU-2016:1239",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html",
            },
            {
               name: "SUSE-SU-2016:1206",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345",
            },
            {
               name: "FEDORA-2016-1e39d934ed",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html",
            },
            {
               name: "20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl",
            },
            {
               name: "SUSE-SU-2016:1231",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html",
            },
            {
               url: "https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871",
            },
            {
               url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us",
            },
            {
               url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
            },
            {
               name: "FEDORA-2016-1411324654",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html",
            },
            {
               name: "openSUSE-SU-2016:1240",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862",
            },
            {
               name: "openSUSE-SU-2016:1241",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html",
            },
            {
               name: "APPLE-SA-2016-07-18-1",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html",
            },
            {
               name: "SUSE-SU-2016:1360",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html",
            },
            {
               url: "https://www.tenable.com/security/tns-2016-18",
            },
            {
               name: "SUSE-SU-2016:1233",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html",
            },
            {
               name: "RHSA-2017:0194",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0194",
            },
            {
               url: "http://source.android.com/security/bulletin/2016-07-01.html",
            },
            {
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804",
            },
            {
               name: "RHSA-2017:0193",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0193",
            },
            {
               name: "openSUSE-SU-2016:1237",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html",
            },
            {
               url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202",
            },
            {
               name: "RHSA-2016:0996",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-0996.html",
            },
            {
               url: "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20160504-0001/",
            },
            {
               name: "91787",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securityfocus.com/bid/91787",
            },
            {
               name: "SUSE-SU-2016:1290",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html",
            },
            {
               name: "openSUSE-SU-2016:1273",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html",
            },
            {
               name: "RHSA-2016:2957",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2957.html",
            },
            {
               name: "USN-2959-1",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://www.ubuntu.com/usn/USN-2959-1",
            },
            {
               url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
            },
            {
               name: "RHSA-2016:0722",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-0722.html",
            },
            {
               url: "https://www.openssl.org/news/secadv/20160503.txt",
            },
            {
               url: "https://support.apple.com/HT206903",
            },
            {
               url: "https://bto.bluecoat.com/security-advisory/sa123",
            },
            {
               name: "89752",
               tags: [
                  "vdb-entry",
               ],
               url: "http://www.securityfocus.com/bid/89752",
            },
            {
               name: "FEDORA-2016-05c567df1a",
               tags: [
                  "vendor-advisory",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html",
            },
            {
               name: "RHSA-2016:1137",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://access.redhat.com/errata/RHSA-2016:1137",
            },
            {
               url: "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
            },
            {
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-2108",
      datePublished: "2016-05-05T00:00:00",
      dateReserved: "2016-01-29T00:00:00",
      dateUpdated: "2024-08-05T23:17:50.714Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.1n\", \"matchCriteriaId\": \"75251AA9-6304-4C01-A334-6F6CD045A497\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"18797BEE-417D-4959-9AAD-C5A7C051B524\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FAA3C31-BD9D-45A9-A502-837FECA6D479\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"6455A421-9956-4846-AC7C-3431E0D37D23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60F946FD-F564-49DA-B043-5943308BA9EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C84489B-B08C-4854-8A12-D01B6E45CF79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39A901D6-0874-46A4-92A8-5F72C7A89E85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C8D871B-AEA1-4407-AEE3-47EC782250FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44B067C7-735E-43C9-9188-7E1522A02491\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A39C31E3-75C0-4E92-A6B5-7D67B22E3449\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB318EA4-2908-4B91-8DBB-20008FDF528A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F4E46A9-B652-47CE-92E8-01021E57724B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36DD8E3F-6308-4680-B932-4CBD8E58A7FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DA9F0F7-D592-481E-884C-B1A94E702825\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6CD857E7-B878-49F9-BDDA-93DDEBB0B42B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A47AB858-36DE-4330-8CAC-1B46C5C8DA80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49413FF7-7910-4F74-B106-C3170612CB2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8882E50-7C49-4A99-91F2-DF979CF8BB2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98C32982-095C-4628-9958-118A3D3A9CAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C4E6353-B77A-464F-B7DE-932704003B33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77125688-2CCA-4990-ABB2-551D47CB0CDD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7A8EC00-266C-409B-AD43-18E8DFCD6FE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B846C63A-7261-481E-B4A4-0D8C79E0D8A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E70C6D8D-C9C3-4D92-8DFC-71F59E068295\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"691FA41B-C2CE-413F-ABB1-0B22CB322807\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the \\\"negative zero\\\" issue.\"}, {\"lang\": \"es\", \"value\": \"La implementaci\\u00f3n ASN.1 en OpenSSL en versiones anteriores a 1.0.1o y 1.0.2 en versiones anteriores a 1.0.2c permite a atacantes remotos ejecutar c\\u00f3digo arbitrario o provocar una denegaci\\u00f3n de servicio (desbordamiento inferior de buffer y corrupci\\u00f3n de memoria) a trav\\u00e9s de un campo ANY en datos serializados manipulados, tambi\\u00e9n conocido como el problema \\\"cero negativo\\\".\"}]",
         id: "CVE-2016-2108",
         lastModified: "2024-11-21T02:47:49.563",
         metrics: "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
         published: "2016-05-05T01:59:04.230",
         references: "[{\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0722.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0996.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2056.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2073.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2957.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://source.android.com/security/bulletin/2016-07-01.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://support.citrix.com/article/CTX212736\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3566\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/89752\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/91787\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securitytracker.com/id/1035721\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2959-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1137\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0193\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0194\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bto.bluecoat.com/security-advisory/sa123\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://security.gentoo.org/glsa/201612-16\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20160504-0001/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://support.apple.com/HT206903\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.openssl.org/news/secadv/20160503.txt\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.tenable.com/security/tns-2016-18\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0722.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0996.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2056.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2073.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2957.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://source.android.com/security/bulletin/2016-07-01.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.citrix.com/article/CTX212736\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3566\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/89752\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/91787\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1035721\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2959-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1137\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0193\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0194\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bto.bluecoat.com/security-advisory/sa123\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201612-16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20160504-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT206903\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.openssl.org/news/secadv/20160503.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.tenable.com/security/tns-2016-18\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
         sourceIdentifier: "secalert@redhat.com",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2016-2108\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-05-05T01:59:04.230\",\"lastModified\":\"2024-11-21T02:47:49.563\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the \\\"negative zero\\\" issue.\"},{\"lang\":\"es\",\"value\":\"La implementación ASN.1 en OpenSSL en versiones anteriores a 1.0.1o y 1.0.2 en versiones anteriores a 1.0.2c permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento inferior de buffer y corrupción de memoria) a través de un campo ANY en datos serializados manipulados, también conocido como el problema \\\"cero negativo\\\".\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.1n\",\"matchCriteriaId\":\"75251AA9-6304-4C01-A334-6F6CD045A497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD3E5C1B-EC63-4214-A0BD-0B8681CE6C8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"18797BEE-417D-4959-9AAD-C5A7C051B524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FAA3C31-BD9D-45A9-A502-837FECA6D479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6455A421-9956-4846-AC7C-3431E0D37D23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60F946FD-F564-49DA-B043-5943308BA9EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4847BCF3-EFCE-41AF-8E7D-3D51EB9DCC5B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C84489B-B08C-4854-8A12-D01B6E45CF79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39A901D6-0874-46A4-92A8-5F72C7A89E85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C8D871B-AEA1-4407-AEE3-47EC782250FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44B067C7-735E-43C9-9188-7E1522A02491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A39C31E3-75C0-4E92-A6B5-7D67B22E3449\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB318EA4-2908-4B91-8DBB-20008FDF528A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4E46A9-B652-47CE-92E8-01021E57724B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36DD8E3F-6308-4680-B932-4CBD8E58A7FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DA9F0F7-D592-481E-884C-B1A94E702825\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CD857E7-B878-49F9-BDDA-93DDEBB0B42B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A47AB858-36DE-4330-8CAC-1B46C5C8DA80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49413FF7-7910-4F74-B106-C3170612CB2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8882E50-7C49-4A99-91F2-DF979CF8BB2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98C32982-095C-4628-9958-118A3D3A9CAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C4E6353-B77A-464F-B7DE-932704003B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77125688-2CCA-4990-ABB2-551D47CB0CDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A8EC00-266C-409B-AD43-18E8DFCD6FE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B846C63A-7261-481E-B4A4-0D8C79E0D8A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E70C6D8D-C9C3-4D92-8DFC-71F59E068295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691FA41B-C2CE-413F-ABB1-0B22CB322807\"}]}]}],\"references\":[{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0722.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0996.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2056.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2073.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2957.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://source.android.com/security/bulletin/2016-07-01.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.citrix.com/article/CTX212736\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3566\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/89752\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/91787\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1035721\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2959-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1137\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0193\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0194\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa123\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201612-16\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20160504-0001/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/HT206903\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.openssl.org/news/secadv/20160503.txt\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-18\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0722.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0996.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2056.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2073.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2957.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://source.android.com/security/bulletin/2016-07-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.citrix.com/article/CTX212736\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3566\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/89752\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/91787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1035721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2959-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1137\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0194\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa123\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-fr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201612-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20160504-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT206903\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssl.org/news/secadv/20160503.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2016-18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.