admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-29 17:50:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2016/CVE-2016-1000352.md

23 lines
951 B
Markdown
Raw Normal View History

Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### [CVE-2016-1000352](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000352)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
### POC
#### Reference
- https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
- https://www.oracle.com/security-alerts/cpuoct2020.html
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Anonymous-Phunter/PHunter
- https://github.com/CGCL-codes/PHunter
- https://github.com/IkerSaint/VULNAPP-vulnerable-app
- https://github.com/pctF/vulnerable-app
Reference in New Issue Copy Permalink