Search for vulnerabilities
Vulnerability details: VCID-j94u-8tzs-aaab
Vulnerability ID VCID-j94u-8tzs-aaab
Aliases CVE-2003-0545
VC-OPENSSL-20030930-CVE-2003-0545
Summary Certain ASN.1 encodings that were rejected as invalid by the parser could trigger a bug in the deallocation of the corresponding data structure, corrupting the stack, leading to a crash.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-415 Double Free
System Score Found at
epss 0.41207 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.41207 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.41207 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.41207 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.57962 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.74574 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.74574 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.74574 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.74574 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.74574 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.74574 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.74574 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.74574 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.7524 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
epss 0.81546 https://api.first.org/data/v1/epss?cve=CVE-2003-0545
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=104893
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2003-0545
cvssv3 9.8 https://nvd.nist.gov/vuln/detail/CVE-2003-0545
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2003-0545
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0545.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0545
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0545
http://secunia.com/advisories/22249
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2590
https://www.openssl.org/news/secadv/20030930.txt
http://www-1.ibm.com/support/docview.wss?uid=swg21247112
http://www.cert.org/advisories/CA-2003-26.html
http://www.debian.org/security/2003/dsa-394
http://www.kb.cert.org/vuls/id/935264
http://www.redhat.com/support/errata/RHSA-2003-292.html
http://www.securityfocus.com/bid/8732
http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm
http://www.vupen.com/english/advisories/2006/3900
104893 https://bugzilla.redhat.com/show_bug.cgi?id=104893
cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
CVE-2003-0545 https://nvd.nist.gov/vuln/detail/CVE-2003-0545
RHSA-2003:292 https://access.redhat.com/errata/RHSA-2003:292
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0545
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0545
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0545
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.97338
EPSS Score 0.41207
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.