CVE-2009-3245
CVE-2009-3245
OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.aschttp://lists.apple.com/archives/security-announce/2011//Jun/msg00000.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlhttp://marc.info/?l=bugtraq&m=127128920008563&w=2http://marc.info/?l=bugtraq&m=127678688104458&w=2http://marc.info/?l=openssl-cvs&m=126692159706582&w=2http://marc.info/?l=openssl-cvs&m=126692170906712&w=2http://marc.info/?l=openssl-cvs&m=126692180606861&w=2http://packetstormsecurity.com/files/153392/ABB-HMI-Outdated-Software-Components.htmlhttp://secunia.com/advisories/37291