4 matches found
CVE-2014-4192
The DualECDRBG implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recoverin...
Security Bulletin: IBM WebSphere Transformation Extender Secure Adapter Collection vulnerabilities: RSA BSAFE-C (CVE-2014-4191, CVE-2014-4192) and SSLv3 (CVE-2014-3566)
Summary EMC RSA BSAFE-C Toolkits, utilized by WebSphere Transformation Extender Secure Adapter Collection, could allow a remote attacker to obtain sensitive information. Additionally, SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption...
CVE-2014-4192
CVE-2014-4192 affects EMC RSA BSAFE-C Toolkits (Share for C/C++) Dual_EC_DRBG. The vulnerability arises from how output bytes are produced: the implementation uses the requested byte count without considering cached bytes, enabling recovery of the algorithm’s inner state and potential plaintext e...
CVE-2014-4192
The DualECDRBG implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recoverin...