CVE-2003-0545 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2003-0545
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2003-0545

Description: Double-free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.

CVE Status: Candidate

References: VULNWATCH SAID Secunia Advisory: SA22249 REDHAT http://www.redhat.com/support/errata/RHSA-2003-292.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2590 MISC http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm FULLDISC DEBIAN http://www.debian.org/security/2003/dsa-394 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21247112 CERT-VN 935264 CERT http://www.cert.org/advisories/CA-2003-26.html BID 8732

Return to the previous page.