---

CVE-2016-2182 - log back

CVE-2016-2182 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ The function BN_bn2dec() does not check the return value of BN_div_word(). This can cause an OOB write if an application uses this function with an overly large BIGNUM. This could be a problem if an overly large certificate or CRL is printed out from an untrusted source. TLS is not affected because record limits will reject an oversized certificate before it is parsed.
References	+ https://www.openssl.org/news/secadv/20160922.txt
Notes