The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.
2005-05-26T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 5.1 (MEDIUM)
AV:N/AC:H/Au:N/C:P/I:P/A:P
4.9
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | openssl | openssl | 0.9.1c | Yes |
| Application | openssl | openssl | 0.9.2b | Yes |
| Application | openssl | openssl | 0.9.3 | Yes |
| Application | openssl | openssl | 0.9.4 | Yes |
| Application | openssl | openssl | 0.9.5 | Yes |
| Application | openssl | openssl | 0.9.5a | Yes |
| Application | openssl | openssl | 0.9.6 | Yes |
| Application | openssl | openssl | 0.9.6a | Yes |
| Application | openssl | openssl | 0.9.6b | Yes |
| Application | openssl | openssl | 0.9.6c | Yes |
| Application | openssl | openssl | 0.9.6d | Yes |
| Application | openssl | openssl | 0.9.6e | Yes |
| Application | openssl | openssl | 0.9.6f | Yes |
| Application | openssl | openssl | 0.9.6g | Yes |
| Application | openssl | openssl | 0.9.6h | Yes |
| Application | openssl | openssl | 0.9.6i | Yes |
| Application | openssl | openssl | 0.9.6j | Yes |
| Application | openssl | openssl | 0.9.6k | Yes |
| Application | openssl | openssl | 0.9.6l | Yes |
| Application | openssl | openssl | 0.9.6m | Yes |
| Application | openssl | openssl | 0.9.7 | Yes |
| Application | openssl | openssl | 0.9.7 | Yes |
| Application | openssl | openssl | 0.9.7 | Yes |
| Application | openssl | openssl | 0.9.7 | Yes |
| Application | openssl | openssl | 0.9.7a | Yes |
| Application | openssl | openssl | 0.9.7b | Yes |
| Application | openssl | openssl | 0.9.7c | Yes |
| Application | openssl | openssl | 0.9.7d | Yes |