SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2010-09-17T17:46:00
Updated: 2011-01-15T10:00:00
Reserved: 2010-08-20T00:00:00
Link: CVE-2010-3073
JSON object: View
NVD Information
Status : Modified
Published: 2010-09-17T18:00:02.493
Modified: 2011-01-14T06:46:32.497
Link: CVE-2010-3073
JSON object: View
Redhat Information
No data.
CWE