CVE-2009-0590
CVE-2009-0590
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.aschttp://lists.apple.com/archives/security-announce/2009/Sep/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.htmlhttp://lists.vmware.com/pipermail/security-announce/2010/000082.htmlhttp://marc.info/?l=bugtraq&m=124464882609472&w=2http://marc.info/?l=bugtraq&m=125017764422557&w=2http://marc.info/?l=bugtraq&m=127678688104458&w=2http://secunia.com/advisories/34411http://secunia.com/advisories/34460http://secunia.com/advisories/34509