CVE-2010-3074

EPSS 0.07%

Published: 9/17/2010Modified: 4/28/2026

Description

SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack.

Affected packages (1)

Debian/encfsfrom 0, < 1.7.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3074