CVE-2014-0878
CVE-2014-0878
The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://secunia.com/advisories/59022http://secunia.com/advisories/59023http://secunia.com/advisories/59058http://secunia.com/advisories/61264https://exchange.xforce.ibmcloud.com/vulnerabilities/91084http://www-01.ibm.com/support/docview.wss?uid=swg21672043http://www-01.ibm.com/support/docview.wss?uid=swg21673836http://www-01.ibm.com/support/docview.wss?uid=swg21674539http://www-01.ibm.com/support/docview.wss?uid=swg21676672http://www-01.ibm.com/support/docview.wss?uid=swg21676703http://www-01.ibm.com/support/docview.wss?uid=swg21676746http://www-01.ibm.com/support/docview.wss?uid=swg21679610