CVE-2009-0789
Publication date 27 March 2009
Last updated 24 July 2024
Ubuntu priority
OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a certificate, as demonstrated by an RSA public key.
Notes
jdstrand
only affects platforms where sizeof(long) < sizeof(void *). These are equal on all releases/architectures, thus Ubuntu is not affected.