OpenSSL 'EVP_PKEY_verify_recover()' Invalid Return Value Security Bypass Vulnerability

OpenSSL is prone to a security-bypass vulnerability.

Successful exploit may allow attackers to potentially bypass key checks in applications using the affected library; other attacks are also possible.

OpenSSL 1.0.0 is vulnerable; prior versions are not affected.


 

Privacy Statement
Copyright 2010, SecurityFocus