RSA BSAFE Micro Edition Suite, versions before 4.0.11 (in 4.0.x) and before 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability. Decoded PKCS #12 data in heap memory is not zeroized by MES before releasing the memory internally and a malicious local user could gain access to the unauthorized data by doing heap inspection.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
dell bsafe |
||
oracle application testing suite 13.3.0.1 |
||
oracle communications analytics 12.1.1 |
||
oracle communications ip service activator 7.3.0 |
||
oracle communications ip service activator 7.4.0 |
||
oracle core rdbms 11.2.0.4 |
||
oracle core rdbms 12.1.0.2 |
||
oracle core rdbms 12.2.0.1 |
||
oracle core rdbms 18c |
||
oracle core rdbms 19c |
||
oracle enterprise manager ops center 12.3.3 |
||
oracle enterprise manager ops center 12.4.0 |
||
oracle goldengate application adapters 12.3.2.1.0 |
||
oracle jd edwards enterpriseone tools 9.2 |
||
oracle real user experience insight 13.1.2.1 |
||
oracle real user experience insight 13.2.3.1 |
||
oracle real user experience insight 13.3.1.0 |
||
oracle retail predictive application server 15.0.3 |
||
oracle retail predictive application server 16.0.3.0 |
||
oracle security service 11.1.1.9.0 |
||
oracle security service 12.1.3.0.0 |
||
oracle security service 12.2.1.3.0 |
||
oracle timesten in-memory database |
Vulmon