OpenSSL CVE-2016-7052 Denial of Service Vulnerability

Description

Severity: Moderate

This issue only affects OpenSSL 1.0.2i, released on 22nd September 2016.

A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.

OpenSSL 1.0.2i users should upgrade to 1.0.2j.

The issue was reported to OpenSSL on 22nd September 2016 by Bruce Stephens and Thomas Jakobi. The fix was developed by Matt Caswell of the OpenSSL development team.

References

URL for this Security Advisory:
https://www.openssl.org/news/secadv/20160926.txt

Note: the online version of the advisory may be updated with additional details over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html

Affected Applications

OpenSSL

CVE References

CVE-2016-7052