3 matches found
ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities
ESA-2014-009.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities EMC Identifier: ESA-2014-009 CVE Identifier: CVE-2011-1473, CVE-2014-0625, CVE-2014-0626, CVE-2014-0627 Severity Rating: CVSS v2 Base Score: See below for individual scores...
CVE-2014-0626
The 1 JSAFE and 2 JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and...
CVE-2014-0626
The RSA BSAFE SSL-J vulnerability CVE-2014-0626 affects SSL-J 5.x (before 5.1.3) and 6.x (before 6.0.2). The JSAFE and JSSE APIs can process application data during the TLS handshake, exposing data unencrypted and unauthenticated and enabling potential information disclosure at handshake time. Ac...