oval:org.mitre.oval:def:25018

Definition Id: oval:org.mitre.oval:def:25018

Oval ID:	oval:org.mitre.oval:def:25018
Title:	OpenSSL vulnerability in before 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact
Description:	Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2131	Version:	4
Platform(s):	Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	OpenSSL
Definition Synopsis:
Check vulnerable OpenSSL Check if the version of OpenSSL 0.9.8v AND OpenSSL is installed OR Check vulnerable OpenSSL (32_bit) Check if the version of OpenSSL 0.9.8v (32_bit) AND OpenSSL (32_bit) is installed AND Check if the version of ssleay32.dll 0.9.8v AND Check if the version of ssleay32.dll 0.9.8v (32_bit) AND Check if the version of ssleay32.dll 0.9.8v under System Root