Description
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
Remediation
References
Related Vulnerabilities
WordPress Plugin Quick Contact Form Security Bypass (8.0.1)
MySQL CVE-2022-21311 Vulnerability (CVE-2022-21311)
Chamilo Improper Input Validation Vulnerability (CVE-2021-31933)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0093)
WordPress Plugin Your Text Manager Cross-Site Scripting (0.3.0)