CVE-2015-0886 in Jbcryptinfo

Summary

Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

01/08/2015

Disclosure

02/27/2015

Moderation

VulDB entry created

Entries

VDB-74330 (1)

CPE

ready

CWE

CWE-190 (Confirmed)

CVSS

5.3

EPSS

0.02478

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-0886
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-0886
CVE Details	https://www.cvedetails.com/cve/CVE-2015-0886/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!