72 matches found
CVE-2014-4191
The TLS implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ sends a long series of random bytes during use of the DualECDRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than...
EUVD-2015-0549
Malware in sbrugna...
EUVD-2014-0658
Malware in sbrugna...
EUVD-2016-9060
Malware in sbrugna...
EUVD-2015-0548
Malware in sbrugna...
EUVD-2016-0934
Malware in sbrugna...
EUVD-2014-4121
Malware in sbrugna...
EUVD-2014-0667
Malware in sbrugna...
EUVD-2017-14094
Malware in sbrugna...
EUVD-2014-4122
Malware in sbrugna...
EUVD-2014-4120
Malware in sbrugna...
EUVD-2014-0659
Malware in sbrugna...
EUVD-2015-0546
Malware in sbrugna...
Security Bulletin: IBM WebSphere Transformation Extender Secure Adapter Collection vulnerabilities: RSA BSAFE-C (CVE-2014-4191, CVE-2014-4192) and SSLv3 (CVE-2014-3566)
Summary EMC RSA BSAFE-C Toolkits, utilized by WebSphere Transformation Extender Secure Adapter Collection, could allow a remote attacker to obtain sensitive information. Additionally, SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption...
CVE-2017-4981
EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability...
Design/Logic Flaw
EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability...
CVE-2017-4981
EMC RSA BSAFE Cert-C before 2.9.0.5 contains a potential improper certificate processing vulnerability...
CVE-2016-8217
EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS12 file to the toolkit and...
CVE-2016-8212
An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. There is an Improper OCSP Validation Vulnerability. OCSP responses have two time values: thisUpdate and nextUpdate. These specify a validity period; however, both values are optional. Crypto-J treats the lack of a nextUpda...
Design/Logic Flaw
EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS12 file to the toolkit and...