Page 3 of 12 results (0.002 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service (memory corruption or segmentation fault) or possibly have unspecified other impact via crafted base64 data, a similar issue to CVE-2015-0292. Vulnerabilidad de desbordamiento inferior de entero en la implementación base64-decoding en EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x en versiones anteriores a 4.0.8 y 4.1.x en versiones anteriores a 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) en versiones anteriores a 4.0.4 y 4.1 y RSA BSAFE SSL-C 2.8.9 y anteriores, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria o fallo de segmentación) o posiblemente tener otro impacto no especificado a través de datos base64 manipulados, un problema similar a CVE-2015-0292. • http://seclists.org/bugtraq/2015/Aug/84 http://www.securityfocus.com/bid/76377 http://www.securitytracker.com/id/1033299 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-3572. Vulnerabilidad en EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x en versiones anteriores a 4.0.8 y 4.1.x en versiones anteriores a 4.1.3 y RSA BSAFE SSL-C 2.8.9 y versiones anteriores, permite a servidores SSL remotos llevar a cabo ataques de degradación ECDHE-to-ECDH y desencadenar una pérdida de confidencialidad directa omitiendo el mensaje ServerKeyExchange, un problema similar a la CVE-2015-3572. • http://seclists.org/bugtraq/2015/Aug/84 http://www.securityfocus.com/bid/76377 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •