FortiClient Vulnerability

RedHat openssl CVE-2016-2108 Buffer Overflow Vulnerability

Description

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108) Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Bck, and David Benjamin (Google) as the original reporters.

Affected Applications

openssl

CVE References

CVE-2016-2108

Other References

https://access.redhat.com/errata/RHSA-2016:1137

ID	40548
Created	Jan 17, 2020
Description Updated	Dec 20, 2023
Risk
Coverage	FortiClient
OS	Linux
Vendor	RedHat
Patch	auto
Application	openssl

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

RedHat openssl CVE-2016-2108 Buffer Overflow Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

RedHat openssl CVE-2016-2108 Buffer Overflow Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center