CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-1620 – nss: TLS CBC padding timing attack
https://notcve.org/view.php?id=CVE-2013-1620
08 Feb 2013 — The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. La implementación en Mozilla Network Security Services (NSS) de TLS no tiene debidamente en cuenta tiempos de canal... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-203: Observable Discrepancy •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3762
https://notcve.org/view.php?id=CVE-2009-3762
13 Jul 2010 — Unspecified vulnerability in Oracle OpenSSO Enterprise 8.0 allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad sin especificar en Oracle OpenSSO Enterprise v8.0, permite a atacantes remotos comprometer la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2009-3763
https://notcve.org/view.php?id=CVE-2009-3763
13 Jul 2010 — Unspecified vulnerability in the Access Manager / OpenSSO component in Oracle OpenSSO Enterprise 7.1, 7, 2005Q4, and 8.0 allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Access Manager / OpenSSO de Oracle OpenSSO Enterprise v7.1, v7, v2005Q4, y v8.0, permite a atacantes remotos afectar la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3764
https://notcve.org/view.php?id=CVE-2009-3764
13 Jul 2010 — Unspecified vulnerability in the OpenSSO component in Oracle OpenSSO Enterprise 8.0 allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad sin especificar en el componente OpenSSO en Oracle OpenSSO Enterprise v8.0, permite a atacantes remotos comprometer la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2010-0894
https://notcve.org/view.php?id=CVE-2010-0894
13 Apr 2010 — Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente Sun Java System Access Manager en Oracle Sun Product Suite v7.1, 7 2005Q4, y OpenSSO Enterprise v8.0 allows a atacantes afectar la confidencialidad e integridad a través de vectores desconocidos. • http://secunia.com/advisories/39431 •