Skip to main content

Numeric Errors

CVE-2009-0789

Severity Medium
Score 5.3/10

Summary

OpenSSL prior to 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • LOW

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

Advisory Timeline

  • Published