Description

OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.

Remediation

References

CVE-2009-0789

Related Vulnerabilities

WordPress Plugin HUSKY-Products Filter Professional for WooCommerce SQL Injection (1.3.6)

WordPress Plugin Scoutnet Kalender Cross-Site Scripting (1.1.0)

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Multiple Vulnerabilities (2.0.18)

WordPress Plugin WooCommerce Cross-Site Scripting (3.5.4)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17308)

Severity

Medium

Classification

CVE-2009-0789

Tags

Missing Update Known Vulnerabilities