oval:org.mitre.oval:def:24897

Definition Id: oval:org.mitre.oval:def:24897
 
Oval ID: oval:org.mitre.oval:def:24897
Title: OpenSSL vulnerability in before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact
Description: Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.
Family: windows Class: vulnerability
Reference(s): CVE-2012-2333
Version: 3
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): OpenSSL
Definition Synopsis: