logo
DATABASE RESOURCES PRICING ABOUT US

Arbitrary Code Execution

Description

openssl is vulnerable to arbitrary code execution. The vulnerability exists as a double free flaw was discovered in the policy checking code in OpenSSL. A remote attacker could use this flaw to crash an application that uses OpenSSL by providing an X.509 certificate that has specially-crafted policy extension data.


Affected Software


CPE Name Name Version
openssl 0.9.8b__10.el5
openssl 0.9.8e__12.el5_4.1
openssl 0.9.8b__8.3.el5_0.2
openssl 0.9.8e__12.el5_4.6
openssl 0.9.8b__8.3.el5
openssl 0.9.8e__12.el5
openssl 0.9.8e__12.el5_5.7
openssl 0.9.8b__10.el5_2.1
openssl 0.9.8e__7.el5
openssl 0.9.8b__10.el5
openssl 0.9.8e__12.el5_4.1
openssl 0.9.8b__8.3.el5_0.2
openssl 0.9.8e__12.el5_4.6
openssl 0.9.8b__8.3.el5
openssl 0.9.8e__12.el5
openssl 0.9.8e__12.el5_5.7
openssl 0.9.8b__10.el5_2.1
openssl 0.9.8e__7.el5

Related