Description
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.
Remediation
References
Related Vulnerabilities
Roundcube Multiple Buffer Overflow Vulnerabilities (CVE-2015-2181)
WordPress Plugin Helpful Cross-Site Scripting (4.4.58)
WordPress Plugin Listing, Classified Ads & Business Directory-uListing SQL Injection (2.0.3)
Oracle Database Server CVE-2026-21939 Vulnerability (CVE-2026-21939)
ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-4391)