CVE-2012-2333

N/A Unknown
Published: May 14, 2012 Modified: April 29, 2026
View on NVD

Description

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://cvs.openssl.org/chngview?cn=22538
Source: secalert@redhat.com
http://cvs.openssl.org/chngview?cn=22547
Source: secalert@redhat.com
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
Source: secalert@redhat.com
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081460.html
Source: secalert@redhat.com
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00019.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00020.html
Source: secalert@redhat.com
http://marc.info/?l=bugtraq&m=134919053717161&w=2
Source: secalert@redhat.com
http://marc.info/?l=bugtraq&m=136432043316835&w=2
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2012-0699.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2012-1306.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2012-1307.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2012-1308.html
Source: secalert@redhat.com
http://secunia.com/advisories/49116
Source: secalert@redhat.com
http://secunia.com/advisories/49208
Source: secalert@redhat.com
http://secunia.com/advisories/49324
Source: secalert@redhat.com
http://secunia.com/advisories/50768
Source: secalert@redhat.com
http://secunia.com/advisories/51312
Source: secalert@redhat.com
http://support.apple.com/kb/HT5784
Source: secalert@redhat.com
http://www.cert.fi/en/reports/2012/vulnerability641549.html
Source: secalert@redhat.com
http://www.debian.org/security/2012/dsa-2475
Source: secalert@redhat.com
http://www.kb.cert.org/vuls/id/737740
Source: secalert@redhat.com
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2012:073
Source: secalert@redhat.com
http://www.openssl.org/news/secadv_20120510.txt
Source: secalert@redhat.com
http://www.securityfocus.com/bid/53476
Source: secalert@redhat.com
http://www.securitytracker.com/id?1027057
Source: secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=820686
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/75525
Source: secalert@redhat.com
http://cvs.openssl.org/chngview?cn=22538
Source: af854a3a-2127-422b-91ae-364da2661108
http://cvs.openssl.org/chngview?cn=22547
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081460.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00019.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00020.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=bugtraq&m=134919053717161&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=bugtraq&m=136432043316835&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2012-0699.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2012-1306.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2012-1307.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2012-1308.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/49116
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/49208
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/49324
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/50768
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/51312
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT5784
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.cert.fi/en/reports/2012/vulnerability641549.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2012/dsa-2475
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.kb.cert.org/vuls/id/737740
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2012:073
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.openssl.org/news/secadv_20120510.txt
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/53476
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1027057
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=820686
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/75525
Source: af854a3a-2127-422b-91ae-364da2661108

56 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
28.2%
98th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-189

Affected Vendors

redhat openssl

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8