SSL_Cipher.cpp in EncFS prior to 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arg0 encfs 1.4.1.1 |
||
arg0 encfs 1.4.1 |
||
arg0 encfs 1.5.0 |
||
arg0 encfs 1.4.2 |
||
arg0 encfs 1.4.0 |
||
arg0 encfs |