OpenSSL Cryptographic Issues Vulnerability - CVE-2011-1945

The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite does not properly implement curves over binary fields which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.