Description
Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2110.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP e-Commerce Shop Styling Arbitrary File Download (2.5)
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0 - 4.7.5)
Oracle JRE CVE-2019-2933 Vulnerability (CVE-2019-2933)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8098)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4401)