Description
RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.3.12)
WordPress Plugin Erident Custom Login and Dashboard Cross-Site Scripting (3.5.8)
WordPress Plugin Orbit Fox by ThemeIsle Multiple Vulnerabilities (2.10.2)
MySQL CVE-2012-0117 Vulnerability (CVE-2012-0117)
WordPress Plugin Blue Wrench Video Widget Cross-Site Request Forgery (1.0.5)