{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2015-1792","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","dateUpdated":"2024-08-06T04:54:16.038Z","dateReserved":"2015-02-17T00:00:00.000Z","datePublished":"2015-06-12T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2022-12-13T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"name":"SUSE-SU-2015:1184","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"},{"name":"SSRT102180","tags":["vendor-advisory"],"url":"http://marc.info/?l=bugtraq&m=143880121627664&w=2"},{"name":"DSA-3287","tags":["vendor-advisory"],"url":"http://www.debian.org/security/2015/dsa-3287"},{"name":"SUSE-SU-2015:1150","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10122"},{"url":"http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"},{"name":"HPSBMU03409","tags":["vendor-advisory"],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965"},{"url":"https://openssl.org/news/secadv/20150611.txt"},{"name":"RHSA-2015:1115","tags":["vendor-advisory"],"url":"http://rhn.redhat.com/errata/RHSA-2015-1115.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"},{"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"name":"SUSE-SU-2015:1182","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"},{"name":"SUSE-SU-2015:1143","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351"},{"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"},{"name":"openSUSE-SU-2016:0640","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"name":"1032564","tags":["vdb-entry"],"url":"http://www.securitytracker.com/id/1032564"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"},{"url":"http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"},{"name":"FEDORA-2015-10108","tags":["vendor-advisory"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"},{"name":"20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products","tags":["vendor-advisory"],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"},{"name":"openSUSE-SU-2015:1277","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"},{"name":"APPLE-SA-2015-08-13-2","tags":["vendor-advisory"],"url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"},{"name":"USN-2639-1","tags":["vendor-advisory"],"url":"http://www.ubuntu.com/usn/USN-2639-1"},{"url":"http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"},{"name":"75154","tags":["vdb-entry"],"url":"http://www.securityfocus.com/bid/75154"},{"name":"GLSA-201506-02","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/201506-02"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044"},{"name":"91787","tags":["vdb-entry"],"url":"http://www.securityfocus.com/bid/91787"},{"url":"https://github.com/openssl/openssl/commit/cd30f03ac5bf2962f44bd02ae8d88245dff2f12c"},{"name":"HPSBUX03388","tags":["vendor-advisory"],"url":"http://marc.info/?l=bugtraq&m=143880121627664&w=2"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"},{"name":"FEDORA-2015-10047","tags":["vendor-advisory"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html"},{"url":"https://support.apple.com/kb/HT205031"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"url":"https://support.citrix.com/article/CTX216642"},{"name":"SUSE-SU-2015:1185","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"},{"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694"},{"name":"openSUSE-SU-2015:1139","tags":["vendor-advisory"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"},{"url":"https://bto.bluecoat.com/security-advisory/sa98"},{"name":"NetBSD-SA2015-008","tags":["vendor-advisory"],"url":"http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"},{"url":"https://www.openssl.org/news/secadv_20150611.txt"},{"name":"HPSBGN03371","tags":["vendor-advisory"],"url":"http://marc.info/?l=bugtraq&m=143654156615516&w=2"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}],"datePublic":"2015-06-11T00:00:00.000Z"},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T04:54:16.038Z"},"title":"CVE Program Container","references":[{"name":"SUSE-SU-2015:1184","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"},{"name":"SSRT102180","tags":["vendor-advisory","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=143880121627664&w=2"},{"name":"DSA-3287","tags":["vendor-advisory","x_transferred"],"url":"http://www.debian.org/security/2015/dsa-3287"},{"name":"SUSE-SU-2015:1150","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10122","tags":["x_transferred"]},{"url":"http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015","tags":["x_transferred"]},{"name":"HPSBMU03409","tags":["vendor-advisory","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965","tags":["x_transferred"]},{"url":"https://openssl.org/news/secadv/20150611.txt","tags":["x_transferred"]},{"name":"RHSA-2015:1115","tags":["vendor-advisory","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2015-1115.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","tags":["x_transferred"]},{"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html","tags":["x_transferred"]},{"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","tags":["x_transferred"]},{"name":"SUSE-SU-2015:1182","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888","tags":["x_transferred"]},{"name":"SUSE-SU-2015:1143","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351","tags":["x_transferred"]},{"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html","tags":["x_transferred"]},{"name":"openSUSE-SU-2016:0640","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","tags":["x_transferred"]},{"name":"1032564","tags":["vdb-entry","x_transferred"],"url":"http://www.securitytracker.com/id/1032564"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380","tags":["x_transferred"]},{"url":"http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015","tags":["x_transferred"]},{"name":"FEDORA-2015-10108","tags":["vendor-advisory","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","tags":["x_transferred"]},{"name":"20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products","tags":["vendor-advisory","x_transferred"],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"},{"name":"openSUSE-SU-2015:1277","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"},{"name":"APPLE-SA-2015-08-13-2","tags":["vendor-advisory","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"},{"name":"USN-2639-1","tags":["vendor-advisory","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-2639-1"},{"url":"http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015","tags":["x_transferred"]},{"name":"75154","tags":["vdb-entry","x_transferred"],"url":"http://www.securityfocus.com/bid/75154"},{"name":"GLSA-201506-02","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/201506-02"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044","tags":["x_transferred"]},{"name":"91787","tags":["vdb-entry","x_transferred"],"url":"http://www.securityfocus.com/bid/91787"},{"url":"https://github.com/openssl/openssl/commit/cd30f03ac5bf2962f44bd02ae8d88245dff2f12c","tags":["x_transferred"]},{"name":"HPSBUX03388","tags":["vendor-advisory","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=143880121627664&w=2"},{"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763","tags":["x_transferred"]},{"name":"FEDORA-2015-10047","tags":["vendor-advisory","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html"},{"url":"https://support.apple.com/kb/HT205031","tags":["x_transferred"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","tags":["x_transferred"]},{"url":"https://support.citrix.com/article/CTX216642","tags":["x_transferred"]},{"name":"SUSE-SU-2015:1185","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"},{"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694","tags":["x_transferred"]},{"name":"openSUSE-SU-2015:1139","tags":["vendor-advisory","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"},{"url":"https://bto.bluecoat.com/security-advisory/sa98","tags":["x_transferred"]},{"name":"NetBSD-SA2015-008","tags":["vendor-advisory","x_transferred"],"url":"http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"},{"url":"https://www.openssl.org/news/secadv_20150611.txt","tags":["x_transferred"]},{"name":"HPSBGN03371","tags":["vendor-advisory","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=143654156615516&w=2"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","tags":["x_transferred"]}]}]}}