cpe:/a:openssl:openssl:0.9.8zg cpe:/a:openssl:openssl:1.0.0 cpe:/a:openssl:openssl:1.0.0a cpe:/a:openssl:openssl:1.0.0b cpe:/a:openssl:openssl:1.0.0c cpe:/a:openssl:openssl:1.0.0d cpe:/a:openssl:openssl:1.0.0e cpe:/a:openssl:openssl:1.0.0f cpe:/a:openssl:openssl:1.0.0g cpe:/a:openssl:openssl:1.0.0h cpe:/a:openssl:openssl:1.0.0i cpe:/a:openssl:openssl:1.0.0j cpe:/a:openssl:openssl:1.0.0k cpe:/a:openssl:openssl:1.0.0l cpe:/a:openssl:openssl:1.0.0m cpe:/a:openssl:openssl:1.0.0n cpe:/a:openssl:openssl:1.0.0o cpe:/a:openssl:openssl:1.0.0p cpe:/a:openssl:openssl:1.0.0q cpe:/a:openssl:openssl:1.0.0r cpe:/a:openssl:openssl:1.0.0s cpe:/a:openssl:openssl:1.0.1a cpe:/a:openssl:openssl:1.0.1b cpe:/a:openssl:openssl:1.0.1c cpe:/a:openssl:openssl:1.0.1d cpe:/a:openssl:openssl:1.0.1e cpe:/a:openssl:openssl:1.0.1f cpe:/a:openssl:openssl:1.0.1g cpe:/a:openssl:openssl:1.0.1h cpe:/a:openssl:openssl:1.0.1i cpe:/a:openssl:openssl:1.0.1j cpe:/a:openssl:openssl:1.0.1k cpe:/a:openssl:openssl:1.0.1l cpe:/a:openssl:openssl:1.0.1m cpe:/a:openssl:openssl:1.0.1n cpe:/a:openssl:openssl:1.0.1o cpe:/a:openssl:openssl:1.0.1p cpe:/a:openssl:openssl:1.0.2 cpe:/a:openssl:openssl:1.0.2a cpe:/a:openssl:openssl:1.0.2b cpe:/a:openssl:openssl:1.0.2c cpe:/a:openssl:openssl:1.0.2d cpe:/a:oracle:api_gateway:11.1.2.3.0 cpe:/a:oracle:api_gateway:11.1.2.4.0 cpe:/a:oracle:exalogic_infrastructure:1.0 cpe:/a:oracle:exalogic_infrastructure:2.0 cpe:/a:oracle:life_sciences_data_hub:2.1 cpe:/a:oracle:sun_ray_software:11.1 cpe:/a:oracle:transportation_management:6.1 cpe:/a:oracle:transportation_management:6.2 cpe:/a:oracle:vm_virtualbox:4.3.0 cpe:/a:oracle:vm_virtualbox:4.3.2 cpe:/a:oracle:vm_virtualbox:4.3.4 cpe:/a:oracle:vm_virtualbox:4.3.6 cpe:/a:oracle:vm_virtualbox:4.3.8 cpe:/a:oracle:vm_virtualbox:4.3.10 cpe:/a:oracle:vm_virtualbox:4.3.12 cpe:/a:oracle:vm_virtualbox:4.3.14 cpe:/a:oracle:vm_virtualbox:4.3.16 cpe:/a:oracle:vm_virtualbox:4.3.18 cpe:/a:oracle:vm_virtualbox:4.3.22 cpe:/a:oracle:vm_virtualbox:4.3.24 cpe:/a:oracle:vm_virtualbox:4.3.26 cpe:/a:oracle:vm_virtualbox:4.3.28 cpe:/a:oracle:vm_virtualbox:4.3.29 cpe:/a:oracle:vm_virtualbox:4.3.30 cpe:/a:oracle:vm_virtualbox:4.3.32 cpe:/a:oracle:vm_virtualbox:4.3.34 cpe:/a:oracle:vm_virtualbox:4.3.35 cpe:/a:oracle:vm_virtualbox:4.3.36 cpe:/a:oracle:vm_virtualbox:5.0.0 cpe:/a:oracle:vm_virtualbox:5.0.2 cpe:/a:oracle:vm_virtualbox:5.0.4 cpe:/a:oracle:vm_virtualbox:5.0.6 cpe:/a:oracle:vm_virtualbox:5.0.8 cpe:/a:oracle:vm_virtualbox:5.0.10 cpe:/a:oracle:vm_virtualbox:5.0.12 cpe:/a:oracle:vm_virtualbox:5.0.13 cpe:/a:oracle:vm_virtualbox:5.0.14 cpe:/o:apple:mac_os_x:10.11.3 cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:15.04 cpe:/o:canonical:ubuntu_linux:15.10 cpe:/o:debian:debian_linux:7.0 cpe:/o:debian:debian_linux:8.0 cpe:/o:redhat:enterprise_linux_desktop:5.0 cpe:/o:redhat:enterprise_linux_desktop:6.0 cpe:/o:redhat:enterprise_linux_desktop:7.0 cpe:/o:redhat:enterprise_linux_server:5.0 cpe:/o:redhat:enterprise_linux_server:6.0 cpe:/o:redhat:enterprise_linux_server:7.0 cpe:/o:redhat:enterprise_linux_server_aus:7.2 cpe:/o:redhat:enterprise_linux_server_aus:7.3 cpe:/o:redhat:enterprise_linux_server_aus:7.4 cpe:/o:redhat:enterprise_linux_server_eus:6.7 cpe:/o:redhat:enterprise_linux_server_eus:7.2 cpe:/o:redhat:enterprise_linux_server_eus:7.3 cpe:/o:redhat:enterprise_linux_server_eus:7.4 cpe:/o:redhat:enterprise_linux_server_eus:7.5 cpe:/o:redhat:enterprise_linux_server_eus:7.6 cpe:/o:redhat:enterprise_linux_server_tus:7.2 cpe:/o:redhat:enterprise_linux_server_tus:7.3 cpe:/o:redhat:enterprise_linux_server_tus:7.6 cpe:/o:redhat:enterprise_linux_workstation:5.0 cpe:/o:redhat:enterprise_linux_workstation:6.0 cpe:/o:redhat:enterprise_linux_workstation:7.0 CVE-2015-3195 2015-12-06T15:59:05.973-05:00 2019-06-14T10:44:09.653-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2019-06-13T11:06:32.743-04:00 SECTRACK 1034294 CISCO 20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products BID 78626 BID 91787 APPLE APPLE-SA-2016-03-21-5 DEBIAN DSA-3413 FEDORA FEDORA-2015-d87d60b9a9 HP HPSBGN03536 REDHAT RHSA-2015:2616 REDHAT RHSA-2015:2617 REDHAT RHSA-2016:2056 REDHAT RHSA-2016:2957 SLACKWARE SSA:2015-349-04 SUSE SUSE-SU-2016:0678 UBUNTU USN-2830-1 CONFIRM http://fortiguard.com/advisory/openssl-advisory-december-2015 CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733 CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 CONFIRM http://openssl.org/news/secadv/20151203.txt CONFIRM http://www.fortiguard.com/advisory/openssl-advisory-december-2015 CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html CONFIRM http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html CONFIRM https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173 CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017 CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085 CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888 CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322 CONFIRM https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100 CONFIRM https://support.apple.com/HT206167 SUSE openSUSE-SU-2015:2288 SUSE openSUSE-SU-2015:2289 SUSE openSUSE-SU-2015:2318 SUSE openSUSE-SU-2015:2349 SUSE openSUSE-SU-2016:0637 SUSE openSUSE-SU-2016:0640 The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.