Description
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
Remediation
References
Related Vulnerabilities
WordPress Plugin RokStories Multiple Vulnerabilities (1.25)
Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5485)
WordPress Plugin SEO Redirection-301 Redirect Manager Cross-Site Scripting (4.2)
WordPress Plugin Header Footer Code Manager Cross-Site Scripting (1.1.16)