Published: 06/01/2016 Updated: 17/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Bouncy Castle in Android prior to 5.1.1 LMY49F and 6.0 prior to 2016-01-01 allows malicious users to obtain sensitive information via a crafted application, aka internal bug 24106146.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 5.0.2
google android 5.0.1
google android 6.0.1
google android 4.4.4
google android 5.1.0
google android 5.1.1
google android 6.0
google android 5.0

Several security issues were fixed in Bouncy Castle ...

Quan Nguyen discovered that a missing boundary check in the Galois/Counter mode implementation of Bouncy Castle (a Java implementation of cryptographic algorithms) may result in information disclosure For the stable distribution (jessie), this problem has been fixed in version 149+dfsg-3+deb8u2 For the upcoming stable distribution (stretch), thi ...

Synopsis Important: eap7-jboss-ec2-eap security update Type/Severity Security Advisory: Important Topic An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 70 for Red Hat Ent ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a securi ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application PlatformRed Hat Product Security has rated this update as having a security impact of Important A Common Vu ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 70 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a securi ...

Synopsis Important: Satellite 64 security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat Satellite 64 for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...

It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information ...

CWE-200 http://source.android.com/security/bulletin/2016-01-01.html http://www.securitytracker.com/id/1034592 http://www.securityfocus.com/bid/79865 http://www.debian.org/security/2017/dsa-3829 https://access.redhat.com/errata/RHSA-2017:2811 https://access.redhat.com/errata/RHSA-2017:2810 https://access.redhat.com/errata/RHSA-2017:2809 https://access.redhat.com/errata/RHSA-2017:2808 https://access.redhat.com/errata/RHSA-2017:1832 https://usn.ubuntu.com/3727-1/https://access.redhat.com/errata/RHSA-2018:2927 https://nvd.nist.gov https://usn.ubuntu.com/3727-1/

Get Started

CVE-2015-6644

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect