Produkt Xyssl (...) - CVEMAP.ORG

Podatności dla 'Xyssl'

2009-08-31

CVE-2008-7129

XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification.

CVE-2008-7128

The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors.

Copyright 2024, cxsecurity.com