Heap overflow in OpenSSL



Published: 2016-05-05 | Updated: 2017-01-13
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2016-2105
CWE-ID CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		OpenSSL
Server applications / Encryption software

Oracle Solaris
Operating systems & Components / Operating system

Oracle Linux
Operating systems & Components / Operating system

macOS
Operating systems & Components / Operating system

Oracle Access Manager
Server applications / Directory software, identity management

Oracle Exalogic Infrastructure
Server applications / Remote management servers, RDP, SSH

Oracle Enterprise Manager Ops Center
Server applications / Remote management servers, RDP, SSH

PeopleSoft Enterprise PeopleTools
Client/Desktop applications / Office applications

Oracle VM VirtualBox
Server applications / Virtualization software

Oracle Secure Global Desktop
Client/Desktop applications / Virtualization software

Oracle E-Business Suite
Web applications / E-Commerce systems

Oracle Commerce Guided Search
Web applications / E-Commerce systems

Oracle Agile Engineering Data Management
Other software / Other software solutions

Oracle Life Sciences Data Hub
Other software / Other software solutions

Oracle VM Server for x86
Server applications / Other server solutions

Vendor OpenSSL Software Foundation
Oracle

Apple Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Heap overflow

EUVDB-ID: #VU640

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-2105

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote user to cause heap overflow on the target system.

The weakness is caused by insufficient input validation. By sending a great deal of input data attackers are able to cause overflow of the EVP_EncodeUpdate() function used for binary data encoding.

Successful exploitation of the vulnerability may result in heap overflow on the vulnerable system.

Mitigation

Update 1.0.1 to 1.0.1t.
Update 1.0.2 to 1.0.2h.

Vulnerable software versions

OpenSSL: 1.0.1 - 1.0.2

Oracle Solaris: 10 - 11.3

Oracle Access Manager: 10.1.4.2 - 11.1.1.7

Oracle Exalogic Infrastructure: 1.0 - 2.0

PeopleSoft Enterprise PeopleTools: 8.53 - 8.55

Oracle VM VirtualBox: 5.0.20

Oracle Secure Global Desktop: 4.63 - 5.2

: 5.6.29 - 5.7.11

:

Oracle Enterprise Manager Ops Center: 12.1.4 - 12.3.2

Oracle E-Business Suite: 12.1.3

Oracle Agile Engineering Data Management: 6.1.3.0 - 6.2.0.0

Oracle Commerce Guided Search: 6.2.2 - 6.5.2

Oracle Life Sciences Data Hub: 2.1

Oracle VM Server for x86: 3.2

Oracle Linux: 5 - 7

macOS: 10.11 - 10.11.5

External links

http://www.openssl.org/news/secadv/20160503.txt
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://support.apple.com/cs-cz/HT206903


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###