
CVSS: 4.7 • EPSS: 0% • CPEs: 8 • EXPL: 1

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001. It was found that the fix for CVE-2014-0114 had been reverted in JBoss Operations Network 3 (JON).
• http://www.openwall.com/lists/oss-security/2019/10/02/2
• https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/details?source=ECDSA&number=214
• https://eprint.iacr.org/2011/232.pdf
• https://minerva.crocs.fi.muni.cz
• https://tches.iacr.org/index.php/TCHES/article/view/7337
• https://www.ssi.gouv.fr/certification_cc/bibliotheque-cryptographique-atmel-toolbox-00-03-11-05
• CWE-203: Observable Discrepancy

CVSS: 9.3 • EPSS: 3% • CPEs: 1 • EXPL: 1

Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608.
• https://www.exploit-db.com/exploits/8656
• http://secunia.com/advisories/35054
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 9.3 • EPSS: 6% • CPEs: 1 • EXPL: 2

Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly earlier versions allow user-assisted remote attackers to execute arbitrary code via a .MCP project file with long (1) FILE_INFO, (2) CAT_FILTERS, and possibly other fields.
• https://www.exploit-db.com/exploits/8656
• http://osvdb.org/54370
• http://secunia.com/advisories/35054
• http://security.bkis.vn/?p=654
• http://www.securityfocus.com/archive/1/503400/100/0/threaded
• http://www.securityfocus.com/bid/34897
• https://exchange.xforce.ibmcloud.com/vulnerabilities/50418
• https://exchange.xforce.ibmcloud.com/vulnerabilities/50419
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.8 • EPSS: 1% • CPEs: 4 • EXPL: 0

Heap-based buffer overflow in the TZipTV component in (1) ZipTV for Delphi 7 2006.1.26 and for C++ Builder 2006-1.16, (2) PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221, and possibly other products, allows user-assisted attackers to execute arbitrary code via an ARJ archive with a long header. NOTE: the ACE archive vector is covered by CVE-2005-2856.
• http://secunia.com/advisories/20270
• http://secunia.com/advisories/21458
• http://secunia.com/secunia_research/2006-50/advisory
• http://secunia.com/secunia_research/2006-72/advisory
• http://www.securityfocus.com/bid/19884
• http://www.vupen.com/english/advisories/2006/3495
• http://www.vupen.com/english/advisories/2007/0235
• https://exchange.xforce.ibmcloud.com/vulnerabilities/28785
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer