Search for vulnerabilities
Vulnerability details: VCID-sff8-8d57-aaac
Vulnerability ID VCID-sff8-8d57-aaac
Aliases CVE-2003-0543
VC-OPENSSL-20030930-CVE-2003-0543
Summary An integer overflow could allow remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.43202 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43202 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43202 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43202 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43202 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43202 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43202 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43202 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.43963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.49338 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.91963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.91963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.91963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.91963 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
epss 0.95512 https://api.first.org/data/v1/epss?cve=CVE-2003-0543
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=104893
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2003-0543
Reference id Reference type URL
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0543.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0543
http://secunia.com/advisories/22249
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4254
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5292
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201029-1
https://www.openssl.org/news/secadv/20030930.txt
http://www-1.ibm.com/support/docview.wss?uid=swg21247112
http://www.cert.org/advisories/CA-2003-26.html
http://www.debian.org/security/2003/dsa-393
http://www.debian.org/security/2003/dsa-394
http://www.kb.cert.org/vuls/id/255484
http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html
http://www.redhat.com/support/errata/RHSA-2003-291.html
http://www.redhat.com/support/errata/RHSA-2003-292.html
http://www.securityfocus.com/bid/8732
http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm
http://www.vupen.com/english/advisories/2006/3900
104893 https://bugzilla.redhat.com/show_bug.cgi?id=104893
cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*
CVE-2003-0543 https://nvd.nist.gov/vuln/detail/CVE-2003-0543
OSVDB-3949;CVE-2003-0543 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/146.c
RHSA-2003:290 https://access.redhat.com/errata/RHSA-2003:290
RHSA-2003:291 https://access.redhat.com/errata/RHSA-2003:291
RHSA-2003:292 https://access.redhat.com/errata/RHSA-2003:292
RHSA-2003:293 https://access.redhat.com/errata/RHSA-2003:293
Data source Exploit-DB
Date added Oct. 8, 2003
Description OpenSSL ASN.1 < 0.9.6j/0.9.7b - Brute Forcer for Parsing Bugs
Ransomware campaign use Known
Source publication date Oct. 9, 2003
Exploit type dos
Platform multiple
Source update date Sept. 19, 2016
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2003-0543
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.97323
EPSS Score 0.43202
Published At June 5, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.