CVE-2006-7250
openssl - multiple
EPSS 2.0%
Description
The mime_hdr_cmp function in crypto/asn1/asn_mime.c in OpenSSL 0.9.8t and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message.
How to fix CVE-2006-7250
To remediate CVE-2006-7250, upgrade the affected package to a fixed version below.
- Debian/openssl—upgrade to 1.0.0h-1 or later
- Debian/openssl—upgrade to 0.9.8o-4squeeze11 or later
Is CVE-2006-7250 being exploited?
Low — EPSS is 2.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.0.0h-1
- from 0, < 0.9.8o-4squeeze11