Description
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced Dynamic Pricing for WooCommerce Multiple Vulnerabilities (4.1.5)
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-8447)
Riot.js Resource Management Errors Vulnerability (CVE-2016-10527)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3488)