OpenSSL Project OpenSSL 1.0.2zj

CPE Details

OpenSSL Project OpenSSL 1.0.2zj
openssl
openssl
1.0.2zj
2023-12-08
23h30 +00:00
2023-12-08
23h30 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:openssl:openssl:1.0.2zj:*:*:*:*:*:*:*

Informations

Vendor

openssl

Product

openssl

Version

1.0.2zj

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2009-3765 2009-10-23 19h00 +00:00 mutt_ssl.c in mutt 1.5.19 and 1.5.20, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
6.8
CVE-2009-3766 2009-10-23 17h00 +00:00 mutt_ssl.c in mutt 1.5.16 and other versions before 1.5.19, when OpenSSL is used, does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
6.8
CVE-2009-3767 2009-10-23 17h00 +00:00 libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
4.3
CVE-2009-1390 2009-06-16 18h26 +00:00 Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire chain, which allows remote attackers to spoof trusted servers via a man-in-the-middle attack.
6.8