2 matches found
CVE-2015-8960
The CVE-2015-8960 entry concerns TLS protocol versions 1.2 and earlier. The root cause is that certain ClientCertificateType values (rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, ecdsa_fixed_ecdh) are supported but the protocol does not document the ability to compute the master secret in scenarios...
CVE-2015-8960
The TLS protocol 1.2 and earlier supports the rsafixeddh, dssfixeddh, rsafixedecdh, and ecdsafixedecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server...