Lucene search
MitreCVELIST:CVE-2016-7420HistorySep 16, 2016 - 12:00 a.m.
CVE-2016-7420
2016-09-1600:00:00
mitre
www.cve.org
Crypto++ (aka cryptopp) through 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent attackers to obtain sensitive information by leveraging access to process memory after an assertion failure, as demonstrated by reading a core dump.
References
www.openwall.com/lists/oss-security/2016/09/15/12
www.openwall.com/lists/oss-security/2016/09/16/1
www.openwall.com/lists/oss-security/2023/09/28/2
www.openwall.com/lists/oss-security/2023/09/28/4
www.securityfocus.com/bid/92988
github.com/weidai11/cryptopp/commit/553049ba297d89d9e8fbf2204acb40a8a53f5cd6
github.com/weidai11/cryptopp/issues/277
Related
ubuntucve
ubuntucve
CVE-2016-7420
2016-09-16 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2016-0333)
2022-01-28 00:00:00
Fedora Update for cryptopp FEDORA-2018-a0a356fb68
2018-03-14 00:00:00
Fedora Update for cryptopp FEDORA-2018-5a249b4214
2018-03-21 00:00:00
cve
cve
CVE-2016-7420
2016-09-16 05:59:15
mageia
mageia
Updated libcryptopp packages fix security vulnerability
2016-10-04 15:20:54
nvd
nvd
CVE-2016-7420
2016-09-16 05:59:15
prion
prion
Design/Logic Flaw
2016-09-16 05:59:00
archlinux
archlinux
[ASA-201610-8] crypto++: information disclosure
2016-10-12 00:00:00
debiancve
debiancve
CVE-2016-7420
2016-09-16 05:59:15
fedora
fedora
[SECURITY] Fedora 27 Update: cryptopp-5.6.5-2.fc27
2018-03-06 17:34:48
[SECURITY] Fedora 26 Update: cryptopp-5.6.5-2.fc26
2018-03-20 17:37:26
freebsd
freebsd
cryptopp -- multiple vulnerabilities
2015-02-27 00:00:00
nessus
nessus
kitploit
kitploit
arch-audit - An utility like pkg-audit for Arch Linux
2016-10-15 14:30:00