Description

OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.

Remediation

References

CVE-2009-0789

Related Vulnerabilities

Envoy Proxy Excessive Iteration Vulnerability (CVE-2021-32778)

TYPO3 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-3633)

WordPress Plugin WP Link To Us Multiple Cross-Site Scripting Vulnerabilities (2.0)

Python Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20907)

CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1550)

Severity

Medium

Classification

CVE-2009-0789

Tags

Missing Update Known Vulnerabilities