Description

The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.

Remediation

References

CVE-2009-0590

Related Vulnerabilities

e107 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3731)

TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-4855)

MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-2334)

Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)

WordPress Plugin WP Armour-Honeypot Anti Spam Cross-Site Scripting (1.5.6)

Severity

Medium

Classification

CVE-2009-0590 CWE-119

Tags

Missing Update Known Vulnerabilities