CVE-2015-2987 — ED vulnerability

CWE-173 documents3 sources

Severity

2.6LOWNVD

EPSS

0.2%

top 54.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Type74 ED Msrc CBL Mariner 1.0 ARM Msrc CBL Mariner 1.0 X64 +12 more

Timeline

PublishedAug 28

Latest updateJun 11

Description

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages15 packages

▶NVDtype74/ed3.4

▶msrcmsrc/cbl_mariner_1.0_arm

▶msrcmsrc/cbl_mariner_1.0_x64

▶msrcmsrc/cbl_mariner_2.0_arm

▶msrcmsrc/cbl_mariner_2.0_x64

Patches

Patch: type74.org ↗Patch: type74.org ↗

🔴Vulnerability Details

GHSA

GHSA-r8gg-jrgv-562w: Type74 ED before 4↗2022-05-17

▶

📋Vendor Advisories

Microsoft

CVE-2015-2987: Mariner: Mariner vultures@jpcert↗2024-06-11

▶