| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-0590 | 5.0 |
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid
|
03-11-2020 - 17:38 | 27-03-2009 - 16:30 | |
| CVE-2008-5077 | 5.8 |
OpenSSL 0.9.8i and earlier does not properly check the return value from the EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
|
11-10-2018 - 20:53 | 07-01-2009 - 17:30 | |
| CVE-2009-3245 | 10.0 |
OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent at
|
19-09-2017 - 01:29 | 05-03-2010 - 19:30 | |
| CVE-2009-0789 | 5.0 |
OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the
|
17-08-2017 - 01:30 | 27-03-2009 - 16:30 | |
| CVE-2009-0591 | 2.6 |
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid bu
|
17-08-2017 - 01:29 | 27-03-2009 - 16:30 |