Vulnerabilities

CVE-2015-2774

by Fred · 07/04/2016

Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).

Date published : 2016-04-07

http://www.securityfocus.com/bid/73398

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

Similar

Tags: Cybersecurity Alert