| Max CVSS | 7.8 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-2940 | 7.8 |
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates tha
|
18-10-2018 - 16:44 | 28-09-2006 - 18:07 | |
| CVE-2006-4339 | 4.3 |
OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key
|
17-10-2018 - 21:35 | 05-09-2006 - 17:04 | |
| CVE-2007-3108 | 1.2 |
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
|
16-10-2018 - 16:47 | 08-08-2007 - 01:17 | |
| CVE-2005-2969 | 5.0 |
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allow
|
03-05-2018 - 01:29 | 18-10-2005 - 21:02 |