5
CVSSv2

CVE-2014-3462

Published: 07/08/2017 Updated: 21/08/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The ".encfs6.xml" configuration file in encfs prior to 1.7.5 allows remote malicious users to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes".

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

opensuse leap 42.1

opensuse leap 42.2

opensuse opensuse 13.2

encfs project encfs

Vendor Advisories

Debian Bug report logs - #736066 multiple security issues discovered in encfs Package: encfs; Maintainer for encfs is Eduard Bloch <blade@debianorg>; Source for encfs is src:encfs (PTS, buildd, popcon) Reported by: Paul Dreik <slask@pauldreikse> Date: Sun, 19 Jan 2014 12:45:01 UTC Severity: important Tags: securit ...