Description
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allow attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.
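A guard against the oversized keys described above, as an added example that is not code from OpenSSL or from this advisory: it parses a PKCS#1 RSAPublicKey and rejects out-of-bounds parameters before any modular exponentiation is attempted. The function names and the three bit limits are assumptions chosen for this sketch.

```python
# Added example: bound RSA public key parameters before signature verification.
# The three limits are assumptions for this sketch, not values from the advisory.
MAX_MODULUS_BITS = 16384   # hard ceiling on the modulus
SMALL_MODULUS_BITS = 3072  # above this size, the exponent must be small
MAX_PUBEXP_BITS = 64       # exponent ceiling applied to large moduli

def read_tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value_bytes, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        nlen = first & 0x7F
        if nlen == 0 or nlen > 4 or pos + nlen > len(buf):
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + nlen], "big")
        pos += nlen
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def parse_rsa_public_key(der):
    """Parse RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("not a single DER SEQUENCE")
    t1, n_raw, pos = read_tlv(body, 0)
    t2, e_raw, pos = read_tlv(body, pos)
    if t1 != 0x02 or t2 != 0x02 or pos != len(body):
        raise ValueError("expected exactly two INTEGERs")
    return int.from_bytes(n_raw, "big"), int.from_bytes(e_raw, "big")

def check_rsa_key(der):
    """Return None if the key is within bounds, else a rejection reason."""
    n, e = parse_rsa_public_key(der)
    if n.bit_length() > MAX_MODULUS_BITS:
        return "modulus too large"
    if e < 3 or e % 2 == 0 or e >= n:
        return "bad public exponent"
    if n.bit_length() > SMALL_MODULUS_BITS and e.bit_length() > MAX_PUBEXP_BITS:
        return "public exponent too large for modulus size"
    return None

if __name__ == "__main__":
    sample = bytes.fromhex("300702020ca1020111")  # constructed toy key: n=3233, e=17
    print(check_rsa_key(sample))
```

Run the check on the key extracted from a certificate before handing it to the verification routine, so a rejected key costs only a parse.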
Remediation
References