QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-0789

Back to search

CVE-2009-0789

Published: Mar 27, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.

VendorProductVersions

n/a

n/a

affected
n/a

References

SSRT090059
vendor-advisory
x_refsource_HP
ADV-2009-0850
vdb-entry
x_refsource_VUPEN
ADV-2009-1175
vdb-entry
x_refsource_VUPEN
42724
third-party-advisory
x_refsource_SECUNIA
SUSE-SU-2011:0847
vendor-advisory
x_refsource_SUSE
52866
vdb-entry
x_refsource_OSVDB
openSUSE-SU-2011:0845
vendor-advisory
x_refsource_SUSE
34666
third-party-advisory
x_refsource_SECUNIA
HPSBUX02435
vendor-advisory
x_refsource_HP
ADV-2009-1020
vdb-entry
x_refsource_VUPEN
35729
third-party-advisory
x_refsource_SECUNIA
35380
third-party-advisory
x_refsource_SECUNIA
HPSBOV02540
vendor-advisory
x_refsource_HP
openssl-asn1-structure-dos(49433)
vdb-entry
x_refsource_XF
APPLE-SA-2009-09-10-2
vendor-advisory
x_refsource_APPLE
35065
third-party-advisory
x_refsource_SECUNIA
34411
third-party-advisory
x_refsource_SECUNIA
1021906
vdb-entry
x_refsource_SECTRACK
SUSE-SR:2009:010
vendor-advisory
x_refsource_SUSE
ADV-2009-1548
vdb-entry
x_refsource_VUPEN
36701
third-party-advisory
x_refsource_SECUNIA
34460
third-party-advisory
x_refsource_SECUNIA
34256
vdb-entry
x_refsource_BID
42733
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now