CVE-2009-0789
Priority
Medium
Description
OpenSSL before 0.9.8k on WIN64 and certain other platforms does not
properly handle a malformed ASN.1 structure, which allows remote attackers
to cause a denial of service (invalid memory access and application crash)
by placing this structure in the public key of a certificate, as
demonstrated by an RSA public key.
properly handle a malformed ASN.1 structure, which allows remote attackers
to cause a denial of service (invalid memory access and application crash)
by placing this structure in the public key of a certificate, as
demonstrated by an RSA public key.
Notes
jdstrand> only affects platforms where sizeof(long) < sizeof(void *). These
are equal on all releases/architectures, thus Ubuntu is not affected.
are equal on all releases/architectures, thus Ubuntu is not affected.
Package
| Upstream: | released (CVE-2009-0789) |
| Ubuntu 8.04 LTS (Hardy Heron): | not-affected |