Unrated severityNVD Advisory· Published Apr 24, 2012· Updated Jun 16, 2026
CVE-2012-2131
CVE-2012-2131
Description
Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*
- (no CPE)range: =0.9.8v
Patches
Vulnerability mechanics
References
21- www.openssl.org/news/secadv_20120424.txtnvdVendor Advisory
- cvs.openssl.org/chngviewnvd
- kb.juniper.net/InfoCenter/indexnvd
- lists.apple.com/archives/security-announce/2013/Jun/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.htmlnvd
- marc.infonvd
- marc.infonvd
- secunia.com/advisories/48895nvd
- secunia.com/advisories/48956nvd
- secunia.com/advisories/57353nvd
- support.apple.com/kb/HT5784nvd
- www-01.ibm.com/support/docview.wssnvd
- www.debian.org/security/2012/dsa-2454nvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2012/04/24/1nvd
- www.securityfocus.com/bid/53212nvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/USN-1428-1nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/75099nvd
News mentions
0No linked articles in our index yet.