Description

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers.

Remediation

References

CVE-2011-4577

Related Vulnerabilities

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20239)

WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder CSV Injection (1.4.7)

Joomla! Core Security Bypass (1.6.0 - 3.6.5)

WordPress Plugin User Verification Security Bypass (1.0.93)

WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10152)

Severity

Medium

Classification

CVE-2011-4577

Tags

Missing Update Known Vulnerabilities