The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow malicious users to cause a denial of service (invalid write operation and memory corruption) by leveraging an application that relies on ASN.1 structure reuse.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl 1.0.1j |
||
openssl openssl 1.0.0n |
||
openssl openssl 1.0.0c |
||
openssl openssl 1.0.0i |
||
openssl openssl 1.0.1h |
||
openssl openssl 1.0.0m |
||
openssl openssl 1.0.1c |
||
openssl openssl 1.0.1g |
||
openssl openssl 1.0.0h |
||
openssl openssl 1.0.0e |
||
openssl openssl 1.0.0f |
||
openssl openssl 1.0.0d |
||
openssl openssl 1.0.0j |
||
openssl openssl 1.0.0p |
||
openssl openssl 1.0.1a |
||
openssl openssl 1.0.0o |
||
openssl openssl 1.0.1d |
||
openssl openssl 1.0.0k |
||
openssl openssl 1.0.1k |
||
openssl openssl 1.0.0 |
||
openssl openssl 1.0.1b |
||
openssl openssl 1.0.1e |
||
openssl openssl 1.0.1l |
||
openssl openssl 1.0.1f |
||
openssl openssl 1.0.0l |
||
openssl openssl 1.0.2 |
||
openssl openssl 1.0.0a |
||
openssl openssl 1.0.0q |
||
openssl openssl 1.0.1i |
||
openssl openssl 1.0.0b |
||
openssl openssl 1.0.1 |
||
openssl openssl 1.0.0g |
||
openssl openssl |