CVE-2015-2987 - Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attac

CVE-2015-2987

Summary

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.

References

http://jvn.jp/en/jp/JVN91474878/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119
http://type74.org/edman5-1.php
http://type74org.blog14.fc2.com/blog-entry-1384.html

Vulnerable Configurations

cpe:2.3:a:type74:ed:*:*:*:*:*:*:*:*
cpe:2.3:a:type74:ed:*:*:*:*:*:*:*:*

CVSS

Base:	2.6 (as of 31-08-2015 - 18:40)
Impact:
Exploitability:

CWE

CWE-17

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:N/A:N

refmap via4

confirm	http://type74.org/edman5-1.php http://type74org.blog14.fc2.com/blog-entry-1384.html
jvn	JVN#91474878
jvndb	JVNDB-2015-000119

Last major update

31-08-2015 - 18:40

Published

28-08-2015 - 15:59

Last modified

31-08-2015 - 18:40