Oval Definition:	oval:org.mitre.oval:def:20716
Revision Date: 2014-01-20 Version: 5 Title: VMware vSphere and vCOps updates to third party libraries Description: The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2012-2110 Platform(s): VMWare ESX Server 4.0 VMWare ESX Server 4.1 Product(s): Definition Synopsis Patch ESX410-201208103-SG is not installed VMware ESX Server 4.1 is installed AND Patch ESX410-201208103-SG is not installed OR Patch ESX400-201209401-SG is not installed VMware ESX Server 4.0 is installed AND Patch ESX400-201209401-SG is not installed
BACK