The ASN1_STRING_print_ex function in OpenSSL prior to 0.9.8k allows remote malicious users to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl |
||
debian debian linux 4.0 |
||
debian debian linux 5.0 |