CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2141
https://notcve.org/view.php?id=CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote attackers to obtain private keys via a timing attack. La función InvertibleRWFunction::CalculateInverse en rw.cpp en libcrypt++ 5.6.2 no ciega correctamente las operaciones de claves privadas para el algoritmo de la firma digital Rabin-Williams, lo que permite a atacantes remotos obtener claves privadas a través de un ataque de tiempos. • http://lists.opensuse.org/opensuse-updates/2015-07/msg00047.html http://sourceforge.net/p/cryptopp/code/542 http://www.debian.org/security/2015/dsa-3296 http://www.securityfocus.com/bid/75467 https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •