OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability

OpenSSL is prone to a remote memory-corruption vulnerability because of integer-truncation errors.

Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the application using the vulnerable library. Failed exploit attempts will result in a denial-of-service condition.

OpenSSL versions up to and including 1.0.1 are affected.


 

Privacy Statement
Copyright 2010, SecurityFocus