FKIE_CVE-2007-3108

Vulnerability from fkie_nvd - Published: 2007-08-08 01:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
References
secalert@redhat.comhttp://cvs.openssl.org/chngview?cn=16275
secalert@redhat.comhttp://lists.vmware.com/pipermail/security-announce/2008/000002.html
secalert@redhat.comhttp://openssl.org/news/patch-CVE-2007-3108.txt
secalert@redhat.comhttp://secunia.com/advisories/26411
secalert@redhat.comhttp://secunia.com/advisories/26893
secalert@redhat.comhttp://secunia.com/advisories/27021
secalert@redhat.comhttp://secunia.com/advisories/27078
secalert@redhat.comhttp://secunia.com/advisories/27097
secalert@redhat.comhttp://secunia.com/advisories/27205
secalert@redhat.comhttp://secunia.com/advisories/27330
secalert@redhat.comhttp://secunia.com/advisories/27770
secalert@redhat.comhttp://secunia.com/advisories/27870
secalert@redhat.comhttp://secunia.com/advisories/28368
secalert@redhat.comhttp://secunia.com/advisories/30161
secalert@redhat.comhttp://secunia.com/advisories/30220
secalert@redhat.comhttp://secunia.com/advisories/31467
secalert@redhat.comhttp://secunia.com/advisories/31489
secalert@redhat.comhttp://secunia.com/advisories/31531
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-200710-06.xml
secalert@redhat.comhttp://support.attachmate.com/techdocs/2374.html
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2007-485.htm
secalert@redhat.comhttp://www.bluecoat.com/support/securityadvisories/advisory_openssl_rsa_key_reconstruction_vulnerability
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1571
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/724968US Government Resource
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/RGII-74KLP3
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:193
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2007-0813.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2007-0964.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2007-1003.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/476341/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/485936/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/archive/1/486859/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/25163Patch
secalert@redhat.comhttp://www.vmware.com/security/advisories/VMSA-2008-0001.html
secalert@redhat.comhttp://www.vmware.com/security/advisories/VMSA-2008-0013.html
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/2759
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/4010
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/0064
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/2361
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/2362
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/2396
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-1613
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-1633
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9984
secalert@redhat.comhttps://usn.ubuntu.com/522-1/
af854a3a-2127-422b-91ae-364da2661108http://cvs.openssl.org/chngview?cn=16275
af854a3a-2127-422b-91ae-364da2661108http://lists.vmware.com/pipermail/security-announce/2008/000002.html
af854a3a-2127-422b-91ae-364da2661108http://openssl.org/news/patch-CVE-2007-3108.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26411
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26893
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27021
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27078
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27097
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27205
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27330
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27770
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27870
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28368
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30161
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30220
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31467
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31489
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31531
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200710-06.xml
af854a3a-2127-422b-91ae-364da2661108http://support.attachmate.com/techdocs/2374.html
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm
af854a3a-2127-422b-91ae-364da2661108http://www.bluecoat.com/support/securityadvisories/advisory_openssl_rsa_key_reconstruction_vulnerability
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1571
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/724968US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/RGII-74KLP3
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2007:193
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0813.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-0964.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2007-1003.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/476341/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/485936/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/486859/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/25163Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0001.html
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2008-0013.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2759
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/4010
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/0064
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2361
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2362
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2396
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1613
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-1633
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9984
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/522-1/
Impacted products
Vendor Product Version
openssl openssl *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "636B0CAF-5A47-4CC7-9DAF-52090894B647",
              "versionEndIncluding": "0.9.8e",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n BN_from_montgomery en el crypto/bn/bn_mont.c del OpenSSL 0.9.8e y anteriores, no interpreta adecuadamente la multiplicaci\u00f3n Montgomery, lo que permite a usuarios locales llevar a cabo ataques por canal colateral (side-channel) y recuperar claves privadas RSA."
    }
  ],
  "id": "CVE-2007-3108",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.2,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-08T01:17:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://cvs.openssl.org/chngview?cn=16275"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://openssl.org/news/patch-CVE-2007-3108.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26411"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26893"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27021"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27078"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27097"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27205"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27330"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27770"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27870"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30161"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30220"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31467"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31489"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31531"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200710-06.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.attachmate.com/techdocs/2374.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.bluecoat.com/support/securityadvisories/advisory_openssl_rsa_key_reconstruction_vulnerability"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1571"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/724968"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.kb.cert.org/vuls/id/RGII-74KLP3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:193"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0813.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0964.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/476341/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/25163"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2759"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/4010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/2361"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/2362"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/2396"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1613"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1633"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9984"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/522-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cvs.openssl.org/chngview?cn=16275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openssl.org/news/patch-CVE-2007-3108.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26411"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26893"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27097"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27330"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31467"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31489"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31531"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200710-06.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.attachmate.com/techdocs/2374.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.bluecoat.com/support/securityadvisories/advisory_openssl_rsa_key_reconstruction_vulnerability"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/724968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kb.cert.org/vuls/id/RGII-74KLP3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0813.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0964.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/476341/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/25163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2362"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2396"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/522-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "This paper describes a possible side-channel attack that hasn\u2019t been proven outside of a lab environment. In reality many factors would make this harder to exploit. If exploited, a local user could obtain RSA private keys (for example for web sites being run on the server). We have rated this as affecting Red Hat products with moderate security severity. Although the OpenSSL team have produced a patch for this issue, it is non-trivial and will require more testing before we can deploy it in a future update.  Our current plan is as follows:\n\n- To include a backported fix in an OpenSSL update as part of Enterprise Linux 4.6. This will get testing via beta and give time for more extensive internal and upstream testing\n- To release an update for OpenSSL for other platforms at the same time as 4.6 is released\n http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-3108\n",
      "lastModified": "2007-08-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.