Lucene search
Ubuntu.comUB:CVE-2009-0591HistoryMar 27, 2009 - 12:00 a.m.
CVE-2009-0591
2009-03-2700:00:00
ubuntu.com
ubuntu.com
16
0.008 Low
EPSS
Percentile
81.4%
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is
enabled, does not properly handle errors associated with malformed signed
attributes, which allows remote attackers to repudiate a signature that
originally appeared to be valid but was actually invalid.
Notes
| Author | Note |
|---|---|
| jdstrand | only present in OpenSSL 0.9.8h and later |
Related
prion
prion
Design/Logic Flaw
2009-03-27 16:30:00
debiancve
debiancve
CVE-2009-0591
2009-03-27 16:30:01
cve
cve
CVE-2009-0591
2009-03-27 16:30:01
openvas
openvas
OpenSSL: Incorrect Error Checking During CMS Verification (20090325) - Linux
2021-08-13 00:00:00
OpenSSL Multiple Vulnerabilities (Windows)
2009-04-02 00:00:00
f5
f5
SOL15369 - OpenSSL vulnerability CVE-2009-0591
2014-06-23 00:00:00
K15369 : OpenSSL vulnerability CVE-2009-0591
2014-06-23 00:00:00
nessus
nessus
OpenSSL < 0.9.8k Signature Repudiation
2012-01-04 00:00:00
Slackware 11.0 / 12.0 / 12.1 / 12.2 / current : openssl (SSA:2009-098-01)
2009-04-08 00:00:00
SuSE 11 Security Update : OpenSSL (SAT Patch Number 772)
2009-09-24 00:00:00
cvelist
cvelist
CVE-2009-0591
2009-03-27 16:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2009-0591
2009-03-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package openssl10 version 0.9.8k-alt1
2009-03-25 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8k-alt1
2009-03-25 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8k-alt1
2009-03-25 00:00:00
slackware
slackware
openssl
2009-04-07 23:29:36
threatpost
threatpost
Multiple vulnerabilities found, fixed in OpenSSL
2009-03-26 23:43:56