SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-07T02:55:46.638Z
Reserved: 2010-08-20T00:00:00
Link: CVE-2010-3073

No data.

Status : Modified
Published: 2010-09-17T18:00:02.493
Modified: 2024-11-21T01:17:58.710
Link: CVE-2010-3073

No data.