VDB
RHSA-2016%3A1089
RHSA-2016%3A1089
PUBLISHED
CVSS 5.099999904632568 MEDIUM
A use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported.
Risk Scores
CVSS 2.0
5.099999904632568
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat JBoss Web Server 3.0 |
Exploit Intelligence
- EXPOSURE demo target: Tomcat (CVE-2016-0714) + Apache Rave (CVE-2013-1814) + Java filter-padding deps (github-poc)
- EXPOSURE demo target: Tomcat (CVE-2016-0714) + Apache Rave (CVE-2013-1814) + Java filter-padding deps (github-poc-repo)
- Windows/Linux reproducer (github-poc-repo)
- cve_db.json (github-poc)
Timeline
- May 17, 2016 CVE Published
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2016:1089 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.0.3_Release_Notes/index.html advisory
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=webserver&version=3.0.3 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1196737 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1213957 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1274222 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1276297 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1276693 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1277146 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1281862 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1281879 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1281925 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1281930 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1281936 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1281943 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1281950 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1311076 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1311082 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1311085 issue
…and 77 more