{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-09T00:00:00", "descriptions": [{"lang": "en", "value": "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-11-16T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"}, {"name": "50358", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/50358"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.bouncycastle.org/csharp/"}, {"name": "50360", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/50360"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.bouncycastle.org/releasenotes.html"}, {"name": "50359", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/50359"}, {"name": "[dev-crypto] 20071109 Bouncy Castle Crypto Provider Package version 1.36 now available", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6721", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580", "refsource": "CONFIRM", "url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"}, {"name": "50358", "refsource": "OSVDB", "url": "http://www.osvdb.org/50358"}, {"name": "http://www.bouncycastle.org/csharp/", "refsource": "CONFIRM", "url": "http://www.bouncycastle.org/csharp/"}, {"name": "50360", "refsource": "OSVDB", "url": "http://www.osvdb.org/50360"}, {"name": "http://www.bouncycastle.org/releasenotes.html", "refsource": "CONFIRM", "url": "http://www.bouncycastle.org/releasenotes.html"}, {"name": "50359", "refsource": "OSVDB", "url": "http://www.osvdb.org/50359"}, {"name": "[dev-crypto] 20071109 Bouncy Castle Crypto Provider Package version 1.36 now available", "refsource": "MLIST", "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:18:20.431Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"}, {"name": "50358", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/50358"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.bouncycastle.org/csharp/"}, {"name": "50360", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/50360"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.bouncycastle.org/releasenotes.html"}, {"name": "50359", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/50359"}, {"name": "[dev-crypto] 20071109 Bouncy Castle Crypto Provider Package version 1.36 now available", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6721", "datePublished": "2009-03-30T01:00:00", "dateReserved": "2009-03-29T00:00:00", "dateUpdated": "2024-08-07T16:18:20.431Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A90E211-7A81-4DDE-9774-56A63E0CD8F3", "versionEndIncluding": "1.37", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "FAF60BAE-BA1B-49A3-B594-3B7336F602AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.02:*:*:*:*:*:*:*", "matchCriteriaId": "AFDD300D-43A1-4E72-9BB6-E3141A7B3CF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.03:*:*:*:*:*:*:*", "matchCriteriaId": "D0C5F2A1-BBE1-4EC1-8324-64A8DC19DCE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.04:*:*:*:*:*:*:*", "matchCriteriaId": "663B6F4C-1997-4651-ADA0-E061BBCA543F", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.05:*:*:*:*:*:*:*", "matchCriteriaId": "311A950B-0152-4556-B7A0-8A1D355A095D", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.06:*:*:*:*:*:*:*", "matchCriteriaId": "D8778B34-92B6-41F7-AA5E-55127155C6D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.07:*:*:*:*:*:*:*", "matchCriteriaId": "3E1EAB5C-D9FE-4499-9FF2-D7C498A5CD38", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.08:*:*:*:*:*:*:*", "matchCriteriaId": "3A14408B-F008-4AFB-A3C4-E468E5D8871B", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.09:*:*:*:*:*:*:*", "matchCriteriaId": "9EF6CBA3-D974-4D9D-A5C6-5E8CB9C5E7D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.10:*:*:*:*:*:*:*", "matchCriteriaId": "02092572-B188-4A8E-9745-1E93DEA818BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "2FC51E9F-1B88-499C-B2D1-BC5B1427F5AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.12:*:*:*:*:*:*:*", "matchCriteriaId": "C5FC15CF-FC0E-4E74-9936-546E51C86975", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.13:*:*:*:*:*:*:*", "matchCriteriaId": "318F8819-2E27-4E5C-A62E-DBEE060AACD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.14:*:*:*:*:*:*:*", "matchCriteriaId": "01B57AD2-B600-4949-91DE-87D3EAEEE01E", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.15:*:*:*:*:*:*:*", "matchCriteriaId": "63CE9915-2F36-4EE7-AEAE-7BA641ECAD1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.16:*:*:*:*:*:*:*", "matchCriteriaId": "E263B817-CA65-40E4-8BC9-D195A0F88E16", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.17:*:*:*:*:*:*:*", "matchCriteriaId": "31451E1E-4CCA-4B8B-AEB9-9C8A9918B9C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.18:*:*:*:*:*:*:*", "matchCriteriaId": "5A3438ED-8462-40E5-B433-9F67ED9A9110", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.19:*:*:*:*:*:*:*", "matchCriteriaId": "E3258C44-1D6E-4019-B332-80505B6B7B4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.20:*:*:*:*:*:*:*", "matchCriteriaId": "C0BB004D-1C69-4B39-890A-AE70D27518A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.21:*:*:*:*:*:*:*", "matchCriteriaId": "2ACBC626-EDBD-4C75-87ED-C78066670140", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.22:*:*:*:*:*:*:*", "matchCriteriaId": "2C3D8290-1839-4219-87C1-1A10FF5CF835", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.23:*:*:*:*:*:*:*", "matchCriteriaId": "4E605FF3-E6D8-4364-B098-4265CC490AD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.24:*:*:*:*:*:*:*", "matchCriteriaId": "E257CDDF-1D45-40F6-AF90-51B455440EA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.25:*:*:*:*:*:*:*", "matchCriteriaId": "85AA3FAB-F49F-4CC1-86E4-A2BCC90EAA6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.26:*:*:*:*:*:*:*", "matchCriteriaId": "5A8D2C13-72E2-4139-8EF6-2ABB21F6B199", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.27:*:*:*:*:*:*:*", "matchCriteriaId": "46AFFBE0-63F9-47E0-BDE4-73E9C3A30D4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.28:*:*:*:*:*:*:*", "matchCriteriaId": "CD114491-F727-4B7D-91C9-C20583035273", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.29:*:*:*:*:*:*:*", "matchCriteriaId": "12303E74-5E98-4F98-A21C-11EE30B74FDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.30:*:*:*:*:*:*:*", "matchCriteriaId": "B6F306E2-E7DE-45F9-880B-391F5BABE2C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.31:*:*:*:*:*:*:*", "matchCriteriaId": "FCB1F2FE-E911-438F-8CED-A77055231E7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.32:*:*:*:*:*:*:*", "matchCriteriaId": "C3AB6C8A-F2DD-42F7-B5B6-71E0EC1FCCCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.33:*:*:*:*:*:*:*", "matchCriteriaId": "8FB8EA15-253A-4A29-ACD4-FCCC217CC157", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.34:*:*:*:*:*:*:*", "matchCriteriaId": "0961397F-1859-41F9-A817-304D781BB050", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.35:*:*:*:*:*:*:*", "matchCriteriaId": "74052375-8653-494A-A4DF-012075DE91CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.36:*:*:*:*:*:*:*", "matchCriteriaId": "AEC6A374-2903-4E0C-A1C7-664B4F61AE92", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A91B639-B1FE-4794-845C-31D614B6EB2A", "versionEndIncluding": "1.35", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEE7175F-DC6C-4555-B9E0-0FCA0B86B826", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "E6019D20-B7C5-45E9-80A9-EF6A484E2307", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.02:*:*:*:*:*:*:*", "matchCriteriaId": "F74E7270-0289-4967-A291-5A03053CB68A", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.03:*:*:*:*:*:*:*", "matchCriteriaId": "BA120555-B228-471C-B00A-01F2D5144FD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3B4F44-B349-43A3-801F-38FCB53838E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.04:*:*:*:*:*:*:*", "matchCriteriaId": "A06BA9F6-30E4-4141-A995-A0F63ABF9D25", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.05:*:*:*:*:*:*:*", "matchCriteriaId": "DD5FEAE4-3792-4778-A199-CAEA59A66068", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.06:*:*:*:*:*:*:*", "matchCriteriaId": "1FB8FAE6-C6DA-456C-839D-A241493F54D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.07:*:*:*:*:*:*:*", "matchCriteriaId": "85BDABE2-E5A5-453C-B1EF-66EA5001191B", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.08:*:*:*:*:*:*:*", "matchCriteriaId": "083BB632-3482-4D99-9515-7D3969FA5577", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.09:*:*:*:*:*:*:*", "matchCriteriaId": "79EB74F9-E4A0-4C3F-9CCC-2157A8DD7EDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "80AE1A3C-4A65-4C49-9C92-B196AF6EBFD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.12:*:*:*:*:*:*:*", "matchCriteriaId": "B43C3258-E651-4595-83D0-1E370DA2A969", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.13:*:*:*:*:*:*:*", "matchCriteriaId": "15899226-AE31-49B3-9C66-78E85FC4B628", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.14:*:*:*:*:*:*:*", "matchCriteriaId": "A0221377-D94B-4FAD-BAC9-C7179A4D355D", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.15:*:*:*:*:*:*:*", "matchCriteriaId": "B2EA98CD-0647-4C0C-B33B-55EEC218D69A", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.16:*:*:*:*:*:*:*", "matchCriteriaId": "8CC3C505-D136-4218-88E4-A89DE05E372D", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.17:*:*:*:*:*:*:*", "matchCriteriaId": "3D3DB77B-8E44-4A11-97C8-F4736C40EA72", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.18:*:*:*:*:*:*:*", "matchCriteriaId": "35DB68BA-906A-4B58-B93B-59E237A2DFB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.19:*:*:*:*:*:*:*", "matchCriteriaId": "423494D6-B192-4182-8B6E-AD6BB8E0DED9", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.20:*:*:*:*:*:*:*", "matchCriteriaId": "D05202FC-AC0B-4F66-BEBA-E8C1D650D9A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.21:*:*:*:*:*:*:*", "matchCriteriaId": "E9BE90FD-346A-4E1C-A768-333000ACE323", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.22:*:*:*:*:*:*:*", "matchCriteriaId": "393BCDA6-ED42-4173-8022-2CD1487EF004", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.23:*:*:*:*:*:*:*", "matchCriteriaId": "5F8237FE-937B-41AD-AB1B-8331FF409550", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.24:*:*:*:*:*:*:*", "matchCriteriaId": "9333C3E7-0050-4AB5-83FC-E683CCCAF614", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.25:*:*:*:*:*:*:*", "matchCriteriaId": "45EACB03-5B75-49D4-A24D-4117045BBE53", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.26:*:*:*:*:*:*:*", "matchCriteriaId": "7483646A-B9B4-4D14-BF02-900A1405F1FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.27:*:*:*:*:*:*:*", "matchCriteriaId": "D7BE8753-AA5A-4B71-96C4-D0F30F0FDF04", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.28:*:*:*:*:*:*:*", "matchCriteriaId": "A8967308-CB4F-47AB-8761-A8AC27247D17", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.29:*:*:*:*:*:*:*", "matchCriteriaId": "46FD4731-2314-465F-B9D7-CC907EC8CE42", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.30:*:*:*:*:*:*:*", "matchCriteriaId": "5E50EB43-2389-4D6C-BAFA-2B024F521FAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.32:*:*:*:*:*:*:*", "matchCriteriaId": "D8FBEB87-300E-4245-867D-3CC79163B941", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.33:*:*:*:*:*:*:*", "matchCriteriaId": "E48550BA-18A0-4682-9F83-71B8294FEC4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.34:*:*:*:*:*:*:*", "matchCriteriaId": "B462DAC1-4037-468F-897B-05CDFAFA4DB3", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\""}, {"lang": "es", "value": "La Legi\u00f3n de la API de Bouncy Castle Java Cryptography anterior a versi\u00f3n 1.38, como es usada en Crypto Provider Package anterior a versi\u00f3n 1.36, presenta un impacto desconocido y vectores de ataque remoto relacionados con \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes\"."}], "id": "CVE-2007-6721", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-03-30T01:30:00.217", "references": [{"source": "cve@mitre.org", "url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.bouncycastle.org/csharp/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"}, {"source": "cve@mitre.org", "url": "http://www.bouncycastle.org/releasenotes.html"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/50358"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/50359"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/50360"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.bouncycastle.org/csharp/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.bouncycastle.org/releasenotes.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/50358"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/50359"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/50360"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "bouncycastle: unknown vulnerability in simple RSA CMS signatures", "id": "494053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=494053"}, "csaw": false, "details": ["The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\""], "name": "CVE-2007-6721", "public_date": "2007-11-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-6721\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-6721"]}