virus logo FortiClient Vulnerability

OpenSSL CVE-2015-0292 Buffer Overflow Vulnerability

description-logoDescription

Severity: ModerateA vulnerability existed in previous versions of OpenSSL related to theprocessing of base64 encoded data. Any code path that reads base64 data from anuntrusted source could be affected (such as the PEM processing routines).Maliciously crafted base 64 data could trigger a segmenation fault or memorycorruption. This was addressed in previous versions of OpenSSL but has not beenincluded in any security advisory until now.This issue affects OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.OpenSSL 1.0.1 users should upgrade to 1.0.1h.OpenSSL 1.0.0 users should upgrade to 1.0.0m.OpenSSL 0.9.8 users should upgrade to 0.9.8za.The fix for this issue can be identified by commits d0666f289a (1.0.1),84fe686173 (1.0.0) and 9febee0272 (0.9.8). This issue was originally reported byRobert Dugal and subsequently by David Ramos.

affected-products-logoAffected Applications

OpenSSL

CVE References

CVE-2015-0292

Other References

https://www.openssl.org/news/vulnerabilities.html
ID 39828
Created Jan 17, 2020
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor OpenSSL
Patch manual
Application OpenSSL