Vulnerabilities > CVE-2002-0941 - Unspecified vulnerability in Ncipher Nforce and Nshield
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| Hardware | 1 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0172.html
- http://www.iss.net/security_center/static/9354.php
- http://www.iss.net/security_center/static/9354.php
- http://www.securityfocus.com/bid/5024
- http://www.securityfocus.com/bid/5024