Bouncy Castle CVE-2015-7940 Information Disclosure Vulnerability



Bouncy Castle is prone to an information disclosure vulnerability.

An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks.

Information

Bugtraq ID: 79091
Class: Design Error
CVE: CVE-2015-7940

Remote: Yes
Local: No
Published: Nov 09 2015 12:00AM
Updated: Apr 19 2017 04:04PM
Credit: Horst Görtz
Vulnerable: Redhat JBoss Fuse 6.2
Redhat JBoss Fuse 6.1.0
Redhat JBoss Fuse 6.0.0
Oracle Virtual Desktop Infrastructure 3.3
Oracle Virtual Desktop Infrastructure 3.2
Oracle Retail Open Commerce Platform 6.0
Oracle Retail Open Commerce Platform 5.3
Oracle Retail Open Commerce Platform 5.1
Oracle Retail Open Commerce Platform 5.0
Oracle Retail Open Commerce Platform 4.0
Oracle PeopleSoft Enterprise PeopleTools 8.55
Oracle PeopleSoft Enterprise PeopleTools 8.54
Oracle MICROS Lucas 2.9.5
Oracle MICROS Lucas 2.9.4
Oracle MICROS Lucas 2.9.3
Oracle MICROS Lucas 2.9.2
Oracle MICROS Lucas 2.9.1
Oracle Insurance IStream 4.3.2
Oracle FLEXCUBE Universal Banking 12.2
Oracle FLEXCUBE Universal Banking 12.1
Oracle FLEXCUBE Universal Banking 12.0.3
Oracle FLEXCUBE Universal Banking 12.0.2
Oracle FLEXCUBE Universal Banking 12.0.1
Oracle FLEXCUBE Universal Banking 11.4
Oracle FLEXCUBE Universal Banking 11.3
Oracle Enterprise Manager Base Platform 13.2.0.0
Oracle Enterprise Manager Base Platform 13.1.0.0
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Enterprise Manager 12.2.2
Oracle Enterprise Manager 12.1.4
Oracle Communications Indexing and Search Service 1.0.5.28.0
Oracle Communications Indexing and Search Service 1.0.5.26.0
Oracle Communications Indexing and Search Service 1.0.5.25.0
Oracle Application Testing Suite 12.5.0.2
openSUSE openSUSE 13.2
openSUSE openSUSE 13.1
openSUSE Leap 42.1
IBM WebSphere Cast Iron 7.0
IBM WebSphere Cast Iron 7.5.0.1
IBM WebSphere Cast Iron 7.5.0.0
IBM WebSphere Cast Iron 7.0.0.3
IBM WebSphere Cast Iron 7.0.0.2
IBM WebSphere Cast Iron 7.0.0.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Bouncycastle Bouncy Castle Crypto Package 1.50


Not Vulnerable: Oracle Virtual Desktop Infrastructure 3.5.3
Bouncycastle Bouncy Castle Crypto Package 1.51



Related Posts