Description

The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.

Remediation

References

CVE-2007-3108

Related Vulnerabilities

MySQL CVE-2016-0667 Vulnerability (CVE-2016-0667)

MySQL CVE-2016-3471 Vulnerability (CVE-2016-3471)

WordPress Plugin WPBakery Page Builder Cross-Site Scripting (6.4.0)

WordPress Plugin Travelpayouts:All Travel Brands in One Place Cross-Site Scripting (0.7.12)

WordPress Plugin Xhanch-My Twitter Cross-Site Request Forgery (2.7.6)

Severity

Low

Classification

CVE-2007-3108

Tags

Missing Update Known Vulnerabilities