CVE-2012-2110

Exp

The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key.

Published: 2012-04-19 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2012-2110 is rated High Exploit Risk (84.5/100): CVSS High severity, with high exploitation likelihood (EPSS 48.30%, 99th percentile). 2 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +39.55% over the last day, indicating growing attacker interest. Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2012-2110

EDB-ID Source Kind Published Link
18756 exploit_db edb 2012-04-19 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2012-2110

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 8.74% 48.30% +39.55%
2 2026-03-11 7.43% 8.74% +1.32%
3 2026-03-04 7.43%

Full EPSS history (52 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2012-2110

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 2.0 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 10.0 6.4 [email protected]

Weakness enumeration for CVE-2012-2110

OS Trackers for CVE-2012-2110

vendor priority summary link
debian not yet assigned CVE-2012-2110 not yet assigned priority: Debian including 1 source packages (openssl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2012-2110
gentoo low CVE-2012-2110: 1 GLSA(s) (201312-03), 1 atom(s) (dev-libs/openssl); latest impact low. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2012-2110
redhat high https://access.redhat.com/security/cve/CVE-2012-2110
suse medium CVE-2012-2110 severity moderate: SUSE including 158 source package names (compat-openssl097g-0.9.7g-146.22.1, compat-openssl097g-32bit-0.9.7g-146.22.1, …), 365 product×package rows across 58 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (58 product lines)): Fixed 200, Known Not Affected 165. https://www.suse.com/security/cve/CVE-2012-2110/
ubuntu medium CVE-2012-2110 medium priority: Ubuntu including 2 source packages (openssl, openssl098), 10 status rows across 5 suites (hardy, lucid, natty, oneiric, upstream): released 5, DNE 3, needs-triage 2. https://ubuntu.com/security/CVE-2012-2110

Affected software / configurations for CVE-2012-2110

Vendor Product Version Raw CPE
openssl openssl 1.0.0 cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
openssl openssl 1.0.0 cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
openssl openssl 1.0.0 cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
openssl openssl 1.0.0 cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
openssl openssl 1.0.0 cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
openssl openssl 1.0.0 cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
openssl openssl 1.0.0a cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
openssl openssl 1.0.0b cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
openssl openssl 1.0.0c cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
openssl openssl 1.0.0d cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
openssl openssl 1.0.0e cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
openssl openssl 1.0.0g cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
openssl openssl <= 0.9.8u cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
openssl openssl 0.9.1c cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*
openssl openssl 0.9.2b cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*
openssl openssl 0.9.3 cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*
openssl openssl 0.9.3a cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*
openssl openssl 0.9.4 cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*
openssl openssl 0.9.5 cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*
openssl openssl 0.9.5 cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*
openssl openssl 0.9.5 cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*
openssl openssl 0.9.5a cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*
openssl openssl 0.9.5a cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*
openssl openssl 0.9.5a cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*
openssl openssl 0.9.6 cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
openssl openssl 0.9.6 cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*
openssl openssl 0.9.6 cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*
openssl openssl 0.9.6 cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*
openssl openssl 0.9.6a cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*
openssl openssl 0.9.6a cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*
openssl openssl 0.9.6a cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*
openssl openssl 0.9.6a cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*
openssl openssl 0.9.6b cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*
openssl openssl 0.9.6c cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*
openssl openssl 0.9.6d cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*
openssl openssl 0.9.6e cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*
openssl openssl 0.9.6f cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*
openssl openssl 0.9.6g cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*
openssl openssl 0.9.6h cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*
openssl openssl 0.9.6i cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*
openssl openssl 0.9.6j cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*
openssl openssl 0.9.6k cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*
openssl openssl 0.9.6l cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*
openssl openssl 0.9.6m cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*
openssl openssl 0.9.7 cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
openssl openssl 0.9.7 cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*
openssl openssl 0.9.7 cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*
openssl openssl 0.9.7 cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*
openssl openssl 0.9.7 cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*
openssl openssl 0.9.7 cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*
openssl openssl 0.9.7 cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*
openssl openssl 0.9.7a cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*
openssl openssl 0.9.7b cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*
openssl openssl 0.9.7c cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*
openssl openssl 0.9.7d cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*
openssl openssl 0.9.7e cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*
openssl openssl 0.9.7f cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*
openssl openssl 0.9.7g cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*
openssl openssl 0.9.7h cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*
openssl openssl 0.9.7i cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*
openssl openssl 0.9.7j cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
openssl openssl 0.9.7k cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
openssl openssl 0.9.7l cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
openssl openssl 0.9.7m cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
openssl openssl 0.9.8 cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
openssl openssl 0.9.8a cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
openssl openssl 0.9.8b cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
openssl openssl 0.9.8c cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
openssl openssl 0.9.8d cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
openssl openssl 0.9.8e cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
openssl openssl 0.9.8f cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
openssl openssl 0.9.8g cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
openssl openssl 0.9.8h cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
openssl openssl 0.9.8i cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
openssl openssl 0.9.8j cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
openssl openssl 0.9.8k cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
openssl openssl 0.9.8l cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
openssl openssl 0.9.8m cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
openssl openssl 0.9.8m cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
openssl openssl 0.9.8n cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*

References for CVE-2012-2110

URL Tags
http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html Exploit
http://cvs.openssl.org/chngview?cn=22431
http://cvs.openssl.org/chngview?cn=22434
http://cvs.openssl.org/chngview?cn=22439
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
http://marc.info/?l=bugtraq&m=133728068926468&w=2
http://marc.info/?l=bugtraq&m=133951357207000&w=2
http://marc.info/?l=bugtraq&m=134039053214295&w=2
http://osvdb.org/81223
http://rhn.redhat.com/errata/RHSA-2012-0518.html
http://rhn.redhat.com/errata/RHSA-2012-0522.html
http://rhn.redhat.com/errata/RHSA-2012-1306.html
http://rhn.redhat.com/errata/RHSA-2012-1307.html
http://rhn.redhat.com/errata/RHSA-2012-1308.html
http://secunia.com/advisories/48847
http://secunia.com/advisories/48895
http://secunia.com/advisories/48899
http://secunia.com/advisories/48942
http://secunia.com/advisories/48999
http://secunia.com/advisories/57353
http://support.apple.com/kb/HT5784
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578
http://www.debian.org/security/2012/dsa-2454
http://www.exploit-db.com/exploits/18756
http://www.mandriva.com/security/advisories?name=MDVSA-2012:060
http://www.openssl.org/news/secadv_20120419.txt Vendor Advisory
http://www.securityfocus.com/bid/53158
http://www.securitytracker.com/id?1026957
http://www.ubuntu.com/usn/USN-1424-1
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
https://kb.juniper.net/KB27376
cvelogic Threat Intelligence