CVE-2009-0789
Published: 27 March 2009
OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
Notes
Author | Note |
---|---|
jdstrand | only affects platforms where sizeof(long) < sizeof(void *). These are equal on all releases/architectures, thus Ubuntu is not affected. |