2017-10-16 12:31:07 -04:00
{
2019-03-17 23:46:44 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com" ,
"ID" : "CVE-2010-0742" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
2017-10-16 12:31:07 -04:00
]
2019-03-17 23:46:44 +00:00
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "http://rt.openssl.org/Ticket/Display.html?id=2211&user=guest&pass=guest" ,
"refsource" : "CONFIRM" ,
"url" : "http://rt.openssl.org/Ticket/Display.html?id=2211&user=guest&pass=guest"
} ,
{
"name" : "ADV-2010-1313" ,
"refsource" : "VUPEN" ,
"url" : "http://www.vupen.com/english/advisories/2010/1313"
} ,
{
"name" : "40024" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/40024"
} ,
{
"name" : "42724" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/42724"
} ,
{
"name" : "oval:org.mitre.oval:def:12395" ,
"refsource" : "OVAL" ,
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12395"
} ,
{
"name" : "40502" ,
"refsource" : "BID" ,
"url" : "http://www.securityfocus.com/bid/40502"
} ,
{
"name" : "HPSBUX02610" ,
"refsource" : "HP" ,
"url" : "http://marc.info/?l=bugtraq&m=129138643405740&w=2"
} ,
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564" ,
"refsource" : "CONFIRM" ,
"url" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
} ,
{
"name" : "ADV-2010-3105" ,
"refsource" : "VUPEN" ,
"url" : "http://www.vupen.com/english/advisories/2010/3105"
} ,
{
"name" : "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released" ,
"refsource" : "MLIST" ,
"url" : "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
} ,
{
"name" : "http://cvs.openssl.org/filediff?f=openssl/crypto/cms/cms_asn1.c&v1=1.8&v2=1.8.6.1" ,
"refsource" : "CONFIRM" ,
"url" : "http://cvs.openssl.org/filediff?f=openssl/crypto/cms/cms_asn1.c&v1=1.8&v2=1.8.6.1"
} ,
{
"name" : "57353" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/57353"
} ,
{
"name" : "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released" ,
"refsource" : "MLIST" ,
"url" : "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
} ,
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=598738" ,
"refsource" : "CONFIRM" ,
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=598738"
} ,
{
"name" : "SSRT100341" ,
"refsource" : "HP" ,
"url" : "http://marc.info/?l=bugtraq&m=129138643405740&w=2"
} ,
{
"name" : "40000" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/40000"
} ,
{
"name" : "https://kb.bluecoat.com/index?page=content&id=SA50" ,
"refsource" : "CONFIRM" ,
"url" : "https://kb.bluecoat.com/index?page=content&id=SA50"
} ,
{
"name" : "42733" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/42733"
} ,
{
"name" : "42457" ,
"refsource" : "SECUNIA" ,
"url" : "http://secunia.com/advisories/42457"
} ,
{
"name" : "http://cvs.openssl.org/chngview?cn=19693" ,
"refsource" : "CONFIRM" ,
"url" : "http://cvs.openssl.org/chngview?cn=19693"
} ,
{
"name" : "http://www.openssl.org/news/secadv_20100601.txt" ,
"refsource" : "CONFIRM" ,
"url" : "http://www.openssl.org/news/secadv_20100601.txt"
}
]
}
}
