CVE-2014-0878

Currently unrated

Key Information:

Vendor: IBM
Status: Java Sdk
Vendor: CVE Published:; 26 May 2014

Summary

The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output.

References

http://secunia.com/advisories/59022

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg21680750

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21679610

x_refsource_CONFIRM

Timeline

Vulnerability published
May 26, 2014
Vulnerability Reserved
Jan 6, 2014