WEB APPLICATION VULNERABILITIES Standard & Premium

OpenSSL Improper Authentication Vulnerability (CVE-2009-0591)

Description

The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.

Remediation

References

Related Vulnerabilities

PHP Numeric Errors Vulnerability (CVE-2010-1866)

WordPress Plugin Export Post Info CSV Injection (1.2.0)

WordPress Plugin Custom Website Data Cross-Site Request Forgery (1.2)

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-21610)

WordPress Plugin YARPP-Yet Another Related Posts SQL Injection (5.30.2)

Severity

Low

Classification

CVE-2009-0591 CWE-287

Tags

Missing Update Known Vulnerabilities