CVE-2003-0851

CWE-3996 documents6 sources

Severity

5.0MEDIUM

EPSS

4.2%

top 11.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedDec 1

Latest updateMay 3

Description

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

▶NVDopenssl/openssl15 versions+14

▶NVDcisco/ios4 versions+3

GHSA

GHSA-m2h2-rm4v-5p5x: OpenSSL 0↗2022-05-03

▶

CVEList

CVE-2003-0851: OpenSSL 0↗2003-11-06

▶

Red Hat

security flaw↗2003-11-04

▶

Cisco

SSL Implementation Vulnerabilities↗2003-09-30

▶

Bugzilla

CVE-2003-0851 security flaw↗2018-08-16

▶