Vulnerability Details CVE-2008-7129
XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://osvdb.org/49101
- http://polarssl.org/?archive#001c
- http://www.vupen.com/english/advisories/2008/0917
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41255
- http://osvdb.org/49101
- http://polarssl.org/?archive#001c
- http://www.vupen.com/english/advisories/2008/0917
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41255
Products affected by CVE-2008-7129
-
cpe:2.3:a:xyssl:xyssl:*
-
cpe:2.3:a:xyssl:xyssl:0.1
-
cpe:2.3:a:xyssl:xyssl:0.2
-
cpe:2.3:a:xyssl:xyssl:0.3
-
cpe:2.3:a:xyssl:xyssl:0.4
-
cpe:2.3:a:xyssl:xyssl:0.5
-
cpe:2.3:a:xyssl:xyssl:0.6
-
cpe:2.3:a:xyssl:xyssl:0.7