Unrated severityNVD Advisory· Published Jun 3, 2010· Updated Jun 16, 2026
CVE-2010-1633
CVE-2010-1633
Description
RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
- (no CPE)range: <1.0.0a
Patches
Vulnerability mechanics
References
9- www.vupen.com/english/advisories/2010/1313nvdPatchVendor Advisory
- secunia.com/advisories/40024nvdVendor Advisory
- cvs.openssl.org/chngviewnvd
- cvs.openssl.org/filediffnvd
- secunia.com/advisories/57353nvd
- www-01.ibm.com/support/docview.wssnvd
- www.openssl.org/news/secadv_20100601.txtnvd
- www.securityfocus.com/bid/40503nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.