CVE-2016-2180 in OpenSSL and Oracle Products
Published on August 1, 2016

The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the "openssl ts" command.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2016-2180

stack.watch emails you whenever new vulnerabilities are published in OpenSSL or Oracle Linux. Just hit a watch button to start following.

OpenSSL

Oracle Linux

Exploit Probability

EPSS

4.40%

Percentile

88.84%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2016-2180 in OpenSSL and Oracle ProductsPublished on August 1, 2016

Products Associated with CVE-2016-2180

Exploit Probability

CVE-2016-2180 in OpenSSL and Oracle Products
Published on August 1, 2016