13 matches found
EUVD-2018-3099
Malware in sbrugna...
The vulnerability of the RSA BSAFE Micro Edition Suite and BSAFE Crypto-C Micro Edition security tools lies in their improper verification of cryptographic signatures. This allows a malicious actor to execute arbitrary code in the context of the current user.
The vulnerability of the RSA BSAFE Micro Edition Suite and BSAFE Crypto-C Micro Edition security tools is related to improper verification of the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current user...
CVE-2019-3729
RSA BSAFE Micro Edition Suite versions prior to 4.4 in 4.0.x, 4.1.x, 4.2.x and 4.3.x are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the librar...
CVE-2019-3729
The vulnerability CVE-2019-3729 affects RSA BSAFE Micro Edition Suite versions prior to 4.4 (4.0.x, 4.1.x, 4.2.x, 4.3.x). The issue is a heap-based buffer overflow that occurs when parsing an ECDSA signature, which an adjacent-network attacker could potentially exploit to cause a crash in the aff...
CVE-2019-3729
RSA BSAFE Micro Edition Suite versions prior to 4.4 in 4.0.x, 4.1.x, 4.2.x and 4.3.x are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the librar...
CVE-2019-3730
Dell RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x) are affected by an Information Exposure Through an Error Message vulnerability (padding oracle). A remote attacker could potentially exploit this to extract sensitive information, per CVE...
CVE-2019-3730
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 in 4.1.x and prior to 4.4 in 4.2.x and 4.3.x, are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. A malicious remote user could potentially exploit this...
CVE-2018-11057
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 in 4.0.x and prior to 4.1.6.1 in 4.1.x contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key...
CVE-2018-11054
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service...
CVE-2018-11054
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service...
CVE-2018-11057
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 in 4.0.x and prior to 4.1.6.1 in 4.1.x contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key...
CVE-2018-11055
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 in 4.0.x and prior to 4.1.6.1 in 4.1.x, contains an Improper Clearing of Heap Memory Before Release 'Heap Inspection' vulnerability. Decoded PKCS 12 data in heap memory is not zeroized by MES before releasing the memory internally and a...
CVE-2014-0628
The server in EMC RSA BSAFE Micro Edition Suite MES 4.0.x before 4.0.5 does not properly process certificate chains, which allows remote attackers to cause a denial of service daemon crash via unspecified vectors...