Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
OpenSSL Improper Input Validation Vulnerability - CVE-2009-3245 - Vulnerability Database
OpenSSL

OpenSSL Improper Input Validation Vulnerability - CVE-2009-3245

Critical
Reference: CVE-2009-3245
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2009-3245
Title: OpenSSL Improper Input Validation Vulnerability
Overview:

OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c (2) crypto/bn/bn_gf2m.c (3) crypto/ec/ec2_smpl.c and (4) engines/e_ubsec.c which has unspecified impact and context-dependent attack vectors.