Your submission was sent successfully! Close

CVE-2009-0590

Published: 27 March 2009

The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.

Priority

Medium

Status

Package Release Status
openssl
Launchpad, Ubuntu, Debian
dapper
Released (0.9.8a-7ubuntu0.7)
gutsy
Released (0.9.8e-5ubuntu3.4)
hardy
Released (0.9.8g-4ubuntu3.5)
intrepid
Released (0.9.8g-10.1ubuntu2.2)
upstream
Released (0.9.8k)