CVE-2011-4577
Description
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers.
Risk Information
Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
2.787
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2012-0027,CVE-2011-4619,CVE-2011-4577,CVE-2011-4576,CVE-2011-4108 are fixed in OpenSSL (x64) 1.0.0f | Windows |
| Multiple vulnerabilities fixed in OpenSSL (x64) 0.9.8s | Windows |
| CVE-2011-4577 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234