← Back

CVE-2003-0545

nvd nist
Published: Nov 17, 2003Modified: Apr 16, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.

Affected (2)

Products: Openssl: Openssl
Openssl
1 product
Openssl
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Openssl
Openssl
Version 0.9.6
Openssl
Version 0.9.7

Related CWEs

CWE-415
Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (20)

Source: cve@mitre.org
Broken LinkVendor Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Broken LinkPatchVendor Advisory
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Broken LinkPatchVendor Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.