CVE-2002-1446
The CVE-2002-1446 entry concerns the nCipher PKCS#11 library (version 1.2.0 and later). The C_Verify error checking routine for a symmetric verification key can return CKR_OK even when it detects an invalid signature, creating a vulnerability where remote attackers could modify or forge messages....