Openssl : Security Vulnerabilities, CVEs, Published In 2003 CVSS score >= 6
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
Max CVSS
10.0
EPSS Score
51.11%
Published
2003-11-17
Updated
2024-02-02
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack."
Max CVSS
7.5
EPSS Score
7.42%
Published
2003-03-24
Updated
2018-10-19
2 vulnerabilities found