CVE

Id
40680  
CVE No.
CVE-2009-3245  
Status
Candidate  
Description
OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.  
Phase
Assigned (20090918)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
446320 40680 CVE-2009-3245 MLIST:[openssl-cvs] 20100223 OpenSSL: OpenSSL_0_9_8-stable: openssl/ CHANGES openssl/crypto/b...  View
446321 40680 CVE-2009-3245 URL:http://marc.info/?l=openssl-cvs&m=126692180606861&w=2  View
446322 40680 CVE-2009-3245 MLIST:[openssl-cvs] 20100223 OpenSSL: OpenSSL_1_0_0-stable: openssl/crypto/bn/ bn_div.c bn_gf...  View
446323 40680 CVE-2009-3245 URL:http://marc.info/?l=openssl-cvs&m=126692159706582&w=2  View
446324 40680 CVE-2009-3245 MLIST:[openssl-cvs] 20100223 OpenSSL: openssl/crypto/bn/ bn_div.c bn_gf2m.c openssl/crypto/ec...  View
446325 40680 CVE-2009-3245 URL:http://marc.info/?l=openssl-cvs&m=126692170906712&w=2  View
446326 40680 CVE-2009-3245 MLIST:[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released  View
446327 40680 CVE-2009-3245 URL:https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html  View
446328 40680 CVE-2009-3245 MLIST:[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released  View
446329 40680 CVE-2009-3245 URL:https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html  View
446330 40680 CVE-2009-3245 CONFIRM:http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc  View
446331 40680 CVE-2009-3245 CONFIRM:https://kb.bluecoat.com/index?page=content&id=SA50  View
446332 40680 CVE-2009-3245 CONFIRM:http://support.apple.com/kb/HT4723  View
446333 40680 CVE-2009-3245 APPLE:APPLE-SA-2011-06-23-1  View
446334 40680 CVE-2009-3245 URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html  View
446335 40680 CVE-2009-3245 FEDORA:FEDORA-2010-5744  View
446336 40680 CVE-2009-3245 URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html  View
446337 40680 CVE-2009-3245 FEDORA:FEDORA-2010-5357  View
446338 40680 CVE-2009-3245 URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html  View
446339 40680 CVE-2009-3245 HP:HPSBOV02540  View
446340 40680 CVE-2009-3245 URL:http://marc.info/?l=bugtraq&m=127678688104458&w=2  View
446341 40680 CVE-2009-3245 HP:HPSBUX02517  View
446342 40680 CVE-2009-3245 URL:http://marc.info/?l=bugtraq&m=127128920008563&w=2  View
446343 40680 CVE-2009-3245 HP:SSRT100058  View
446344 40680 CVE-2009-3245 URL:http://marc.info/?l=bugtraq&m=127128920008563&w=2  View
446345 40680 CVE-2009-3245 MANDRIVA:MDVSA-2010:076  View
446346 40680 CVE-2009-3245 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:076  View
446347 40680 CVE-2009-3245 REDHAT:RHSA-2010:0977  View
446348 40680 CVE-2009-3245 URL:http://www.redhat.com/support/errata/RHSA-2010-0977.html  View
446349 40680 CVE-2009-3245 REDHAT:RHSA-2011:0896  View
446350 40680 CVE-2009-3245 URL:http://www.redhat.com/support/errata/RHSA-2011-0896.html  View
446351 40680 CVE-2009-3245 SLACKWARE:SSA:2010-060-02  View
446352 40680 CVE-2009-3245 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049  View
446353 40680 CVE-2009-3245 SUSE:SUSE-SR:2010:013  View
446354 40680 CVE-2009-3245 URL:http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html  View
446355 40680 CVE-2009-3245 UBUNTU:USN-1003-1  View
446356 40680 CVE-2009-3245 URL:http://www.ubuntu.com/usn/USN-1003-1  View
446357 40680 CVE-2009-3245 BID:38562  View
446358 40680 CVE-2009-3245 URL:http://www.securityfocus.com/bid/38562  View
446359 40680 CVE-2009-3245 OVAL:oval:org.mitre.oval:def:9790  View
446360 40680 CVE-2009-3245 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9790  View
446361 40680 CVE-2009-3245 OVAL:oval:org.mitre.oval:def:11738  View
446362 40680 CVE-2009-3245 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11738  View
446363 40680 CVE-2009-3245 OVAL:oval:org.mitre.oval:def:6640  View
446364 40680 CVE-2009-3245 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6640  View
446365 40680 CVE-2009-3245 SECUNIA:38761  View
446366 40680 CVE-2009-3245 URL:http://secunia.com/advisories/38761  View
446367 40680 CVE-2009-3245 SECUNIA:39461  View
446368 40680 CVE-2009-3245 URL:http://secunia.com/advisories/39461  View
446369 40680 CVE-2009-3245 SECUNIA:39932  View
446370 40680 CVE-2009-3245 URL:http://secunia.com/advisories/39932  View
446371 40680 CVE-2009-3245 SECUNIA:42724  View
446372 40680 CVE-2009-3245 URL:http://secunia.com/advisories/42724  View
446373 40680 CVE-2009-3245 SECUNIA:42733  View
446374 40680 CVE-2009-3245 URL:http://secunia.com/advisories/42733  View
446375 40680 CVE-2009-3245 SECUNIA:37291  View
446376 40680 CVE-2009-3245 URL:http://secunia.com/advisories/37291  View
446377 40680 CVE-2009-3245 VUPEN:ADV-2010-0839  View
446378 40680 CVE-2009-3245 URL:http://www.vupen.com/english/advisories/2010/0839  View
446379 40680 CVE-2009-3245 VUPEN:ADV-2010-0933  View
446380 40680 CVE-2009-3245 URL:http://www.vupen.com/english/advisories/2010/0933  View
446381 40680 CVE-2009-3245 VUPEN:ADV-2010-0916  View
446382 40680 CVE-2009-3245 URL:http://www.vupen.com/english/advisories/2010/0916  View
446383 40680 CVE-2009-3245 VUPEN:ADV-2010-1216  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
45309 JVNDB-2009-006316 vtiger CRM におけるディレクトリトラバーサルの脆弱性 vtiger CRM は、modules/Import/index.php および multiple Import.php ファイルに関する処理に不備があるため、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2009-3249 40680 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-006316.html  View