Description

OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.

Remediation

References

CVE-2009-0789

Related Vulnerabilities

Squid Improper Input Validation Vulnerability (CVE-2009-2855)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16222)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32768)

WordPress Plugin Really Simple Gallery Cross-Site Scripting (1.4)

Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-6414)

Severity

Medium

Classification

CVE-2009-0789

Tags

Missing Update Known Vulnerabilities