Openssl » Openssl » 0.9.6i : Security Vulnerabilities, CVEs, Published In 2010 (Code Execution)

cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*

CVE-2010-0742

The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors.
Max CVSS
7.5
EPSS Score
25.10%
Published
2010-06-03
Updated
2017-09-19
1 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close