Description

The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.

Remediation

References

CVE-2005-1797

Related Vulnerabilities

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43732)

WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.17)

OpenSSL Improper Access Control Vulnerability (CVE-2016-7054)

WordPress Plugin Brandfolder-Digital Asset Management Simplified Local/Remote File Inclusion (3.0)

phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-20034)

Severity

Medium

Classification

CVE-2005-1797

Tags

Missing Update Known Vulnerabilities