Описание
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 0.9.8a-7ubuntu0.6 |
| devel | not-affected | 0.9.8g-15ubuntu1 |
| gutsy | not-affected | 0.9.8e-5ubuntu3.3 |
| hardy | not-affected | 0.9.8g-4ubuntu3.4 |
| intrepid | not-affected | 0.9.8g-10.1ubuntu2.1 |
| upstream | released | 0.9.8k |
Показывать по
2.6 Low
CVSS2
Связанные уязвимости
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is ...
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid.
2.6 Low
CVSS2