CVE-2002-0941

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html
http://www.iss.net/security_center/static/9354.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5024
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html
http://www.iss.net/security_center/static/9354.php
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5024
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ncipher:nforce:*:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:h:ncipher:nshield:*:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00156

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jx7j-h9w4-xcmv

github

почти 4 года назад