CVE-2015-3195

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.

  • Published: Dec 6, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-3195
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

| Software | From | Fixed in |
| --- | --- | --- |
| apple / mac_os_x | - | 10.11.4 |
| oracle / sun_ray_software | 11.1 | 11.1.x |
| oracle / transportation_management | 6.1 | 6.1.x |
| oracle / life_sciences_data_hub | 2.1 | 2.1.x |
| oracle / transportation_management | 6.2 | 6.2.x |
| oracle / api_gateway | 11.1.2.3.0 | 11.1.2.3.0.x |
| oracle / exalogic_infrastructure | 1.0 | 1.0.x |
| oracle / solaris | 11.3 | 11.3.x |
| oracle / api_gateway | 11.1.2.4.0 | 11.1.2.4.0.x |
| oracle / exalogic_infrastructure | 2.0 | 2.0.x |
| oracle / solaris | 10 | 10.x |
| oracle / communications_webrtc_session_controller | 7.0 | 7.0.x |
| oracle / communications_webrtc_session_controller | 7.2 | 7.2.x |
| oracle / communications_webrtc_session_controller | 7.1 | 7.1.x |
| oracle / vm_virtualbox | 5.0.0 | 5.0.14 |
| oracle / linux | 5 | 5.x |
| oracle / vm_server | 3.2 | 3.2.x |
| oracle / linux | 6 | 6.x |
| oracle / linux | 7 | 7.x |
| oracle / vm_virtualbox | - | 4.3.36 |
| oracle / http_server | 11.5.10.2 | 11.5.10.2.x |
| oracle / integrated_lights_out_manager_firmware | 3.0 | 4.0.4.x |
| openssl / openssl | - | 0.9.8zh |
| openssl / openssl | 1.0.0 | 1.0.0t |
| openssl / openssl | 1.0.1 | 1.0.1q |
| openssl / openssl | 1.0.2 | 1.0.2e |
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_server | 5.0 | 5.0.x |
| redhat / enterprise_linux_server_aus | 7.2 | 7.2.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux_server_tus | 7.2 | 7.2.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| redhat / enterprise_linux_workstation | 5.0 | 5.0.x |
| redhat / enterprise_linux_desktop | 6.0 | 6.0.x |
| redhat / enterprise_linux_server | 6.0 | 6.0.x |
| redhat / enterprise_linux_workstation | 6.0 | 6.0.x |
| redhat / enterprise_linux_server_tus | 7.3 | 7.3.x |
| redhat / enterprise_linux_desktop | 5.0 | 5.0.x |
| redhat / enterprise_linux_server_aus | 7.3 | 7.3.x |
| redhat / enterprise_linux_server_aus | 7.4 | 7.4.x |
| redhat / enterprise_linux_server_tus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_aus | 7.6 | 7.6.x |
| redhat / enterprise_linux_server_aus | 7.7 | 7.7.x |
| redhat / enterprise_linux_server_tus | 7.7 | 7.7.x |
| canonical / ubuntu_linux | 15.10 | 15.10.x |
| canonical / ubuntu_linux | 15.04 | 15.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 7.0 | 7.0.x |
| opensuse / opensuse | 11.4 | 11.4.x |
| suse / linux_enterprise_server | 10-sp4 | 10-sp4.x |
| opensuse / leap | 42.1 | 42.1.x |
| opensuse / opensuse | 13.1 | 13.1.x |
| opensuse / opensuse | 13.2 | 13.2.x |
| fedoraproject / fedora | 22 | 22.x |