Lucene search

PRIOn knowledge basePRION:CVE-2007-2640

HistoryMay 13, 2007 - 11:19 p.m.

Information disclosure

2007-05-1323:19:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

LibTMCG before 1.1.1 does not perform a range check to avoid “trivial group generators,” which allows attackers to obtain sensitive information about private cards.

CPENameOperatorVersion
libtmcgeq1.0
libtmcgeq1.1
libtmcgeq1.0.1

Name	Operator	Version
libtmcg	eq	1.0
libtmcg	eq	1.1
libtmcg	eq	1.0.1

References

osvdb.org/34772

savannah.nongnu.org/forum/forum.php?forum_id=4847

secunia.com/advisories/25317

www.securityfocus.com/bid/23930

www.vupen.com/english/advisories/2007/1760

exchange.xforce.ibmcloud.com/vulnerabilities/34235

6.5 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for PRION:CVE-2007-2640

cve1