VYPR
High severity8.2NVD Advisory· Published May 5, 2016· Updated Jun 17, 2026

CVE-2016-2176

CVE-2016-2176

Description

The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14
  • cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*range: <=1.0.1s
    • cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
    • cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*
    • (no CPE)range: <1.0.1t, <1.0.2h

Patches

Vulnerability mechanics

References

23

News mentions

0

No linked articles in our index yet.