CVE-2009-0789
CVE-2009-0789
OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-008.txt.aschttp://lists.apple.com/archives/security-announce/2009/Sep/msg00004.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.htmlhttp://marc.info/?l=bugtraq&m=124464882609472&w=2http://marc.info/?l=bugtraq&m=127678688104458&w=2http://secunia.com/advisories/34411http://secunia.com/advisories/34460http://secunia.com/advisories/34666http://secunia.com/advisories/35065http://secunia.com/advisories/35380