Description
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2001-0419)
WordPress Plugin eCommerce Product Catalog for WordPress Cross-Site Scripting (3.0.38)
ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2051)
Oracle Application Server CVE-2008-0349 Vulnerability (CVE-2008-0349)
WordPress Plugin Titan Anti-spam & Security Cross-Site Scripting (4.1)