Unrated severityNVD Advisory· Published Feb 8, 2013· Updated Jun 16, 2026
CVE-2012-2686
CVE-2012-2686
Description
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service (application crash) via crafted CBC data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
- (no CPE)range: >=1.0.1 <1.0.1d
Patches
Vulnerability mechanics
References
12- www.openssl.org/news/secadv_20130204.txtnvdVendor Advisory
- git.openssl.org/gitweb/nvd
- lists.apple.com/archives/security-announce/2013/Sep/msg00002.htmlnvd
- marc.infonvd
- secunia.com/advisories/55108nvd
- secunia.com/advisories/55139nvd
- support.apple.com/kb/HT5880nvd
- www.securityfocus.com/bid/57755nvd
- bugzilla.redhat.com/show_bug.cginvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18868nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19660nvd
- support.hpe.com/hpsc/doc/public/displaynvd
News mentions
0No linked articles in our index yet.