CVE-2009-0046
published 2009-01-07CVE-2009-0046: Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass…
medium5CVSS 3.1
AVNACLAuNCPINAN
Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | grid_engine | <= 5.3 | — |
| sun | grid_engine | — | — |