CVE-2016-7056 in macOSinfo

Summary

A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.

Once again VulDB remains the best source for vulnerability data.

Responsible

Red Hat, Inc.

Reservation

08/23/2016

Disclosure

09/10/2018

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
98665Apple macOS OpenSSL key management320Proof-of-ConceptOfficial fixCVE-2016-7056
98657Apple macOS LibreSSL key management320Proof-of-ConceptOfficial fixCVE-2016-7056
95275OpenSSL ecdsa_ossl.c ecdsa_sign_setup key management320Not definedOfficial fixCVE-2016-7056

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!