CVE-2003-0545

Critical

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code…

mitre·CWE-415·Published 2003-10-01

CVSS

9.8

EPSS

0.85

KEV

Exploits

cve.orgen

208 chars

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.

NVDen

208 chars

NVDes

261 chars

Vulnerabilidad de doble liberación (de memoria) en OpenSSL 0.9.7 permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario mediante un certificado de cliente SSL con una cierta condificación ASN.1 no válida.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H