OVAL Reference oval:org.mitre.oval:def:29017

Oval Definition:

oval:org.mitre.oval:def:29017

Revision Date:	2016-02-19	Version:	15
Title:	AIX OpenSSL PKCS#7 parsing code vulnerability
Description:	The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2015-1790
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis
platforms IBM AIX 6.1 is installed OR IBM AIX 7.1 is installed AND filesets File Version Exists openssl.base greater than or equal 1.0.1.500 AND openssl.base less than or equal 1.0.1.514 AND NOT Interim fix IV74809s9a is installed OR File Version Exists openssl.base greater than or equal 0.9.8.401 AND openssl.base less than or equal 0.9.8.2505 AND NOT Interim fix IV74809s9b is installed OR File Version Exists openssl.base greater than or equal 12.9.8.1100 AND openssl.base less than or equal 12.9.8.2505 AND NOT Interim fix IV74809s9c is installed