Description

OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.

Remediation

References

CVE-2009-0789

Related Vulnerabilities

WordPress Improper Access Control Vulnerability (CVE-2015-5623)

Oracle Application Server CVE-2007-5525 Vulnerability (CVE-2007-5525)

Oracle Application Server CVE-2008-2593 Vulnerability (CVE-2008-2593)

WordPress Plugin Booster for WooCommerce PHP Object Injection (3.0.1)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12649)

Severity

Medium

Classification

CVE-2009-0789

Tags

Missing Update Known Vulnerabilities