Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-3073

Опубликовано: 17 сент. 2010
Источник: nvd
CVSS2: 2.1
EPSS Низкий

Описание

SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arg0:encfs:*:*:*:*:*:*:*:*
Версия до 1.6.0 (включая)
cpe:2.3:a:arg0:encfs:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:arg0:encfs:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:arg0:encfs:1.4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:arg0:encfs:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:arg0:encfs:1.5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 37%
0.00159
Низкий

2.1 Low

CVSS2

Дефекты

CWE-310

Связанные уязвимости

ubuntu логотип

CVE-2010-3073

ubuntu
больше 15 лет назад

SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.

debian логотип

CVE-2010-3073

debian
больше 15 лет назад

SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer ...

github логотип

GHSA-gr5x-6f83-c4g4

github
больше 3 лет назад

SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.

EPSS

Процентиль: 37%
0.00159
Низкий

2.1 Low

CVSS2

Дефекты

CWE-310