PT-2008-5617 · Oracle+1 · Java+1
Publicado
2008-10-01
·
Atualizado
2017-08-08
·
CVE-2008-4368
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Java versions 1.5 on Apple Mac OS X versions 10.5.4 through 10.5.5
Description:
The default configuration of Java contains a jurisdiction policy that limits Java Cryptography Extension (JCE) key sizes to 128 bits. This limitation makes it easier for attackers to decrypt ciphertext produced by JCE.
Recommendations:
For Java 1.5 on Apple Mac OS X versions 10.5.4 through 10.5.5, consider updating the jurisdiction policy to allow for larger JCE key sizes to strengthen encryption.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Java
Macos X