Numeric Errors
CVE-2009-0789
Summary
OpenSSL prior to 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- LOW
CWE-189 - Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
References
Advisory Timeline
- Published