Description

OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used.

Remediation

References

CVE-2003-0544

Related Vulnerabilities

WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.9)

Apache HTTP Server CVE-2012-0883 Vulnerability (CVE-2012-0883)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31799)

Joomla Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-15697)

WordPress Plugin MailPoet Newsletters (Previous) 'swfupload.swf' Cross-Site Scripting (2.1.6)

Severity

Medium

Classification

CVE-2003-0544

Tags

Missing Update Known Vulnerabilities