9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.038 Low
EPSS
Percentile
91.8%
Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when
X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an
unspecified impact by triggering failure of a policy check.
Author | Note |
---|---|
mdeslaur | 1.0.0 is not affected |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | openssl | <ย 0.9.8g-4ubuntu3.15 | UNKNOWN |
ubuntu | 10.04 | noarch | openssl | <ย 0.9.8k-7ubuntu8.8 | UNKNOWN |
ubuntu | 10.10 | noarch | openssl | <ย 0.9.8o-1ubuntu4.6 | UNKNOWN |
ubuntu | 11.04 | noarch | openssl | <ย 0.9.8o-5ubuntu1.2 | UNKNOWN |
ubuntu | 11.10 | noarch | openssl098 | <ย 0.9.8o-7ubuntu1.2 | UNKNOWN |