{"id":"CVE-2009-0050","details":"Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.","modified":"2026-04-10T03:40:32.578962Z","published":"2009-01-07T18:30:15Z","references":[{"type":"ADVISORY","url":"http://www.ocert.org/advisories/ocert-2008-016.html"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/499827/100/0/threaded"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/47837"}],"schema_version":"1.7.5"}