CVE-2013-1624

EPSS 0.39% · P60 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-1624

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Bouncy Castle 加密问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Bouncy Castle是Bouncy Castle组织的密码学中使用的API集合。它包括适用于Java和C#编程语言的API 。 Bouncy Castle Java库1.48之前版本以及C#库1.8之前版本中的TLS实现中存在加密问题漏洞，该漏洞源于程序在处理畸形的CBC填充期间没有正确地研究针对固执的MAC地址检查操作所进行的计时边信道攻击。通过对特制报文的计时数据的统计分析，远程攻击者可利用该漏洞实施区分攻击以及明文恢复攻击。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2013-1624

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2013-1624

Please Login to view more intelligence information

🔗 http://www.isg.rhul.ac.uk/tls/TLStiming.pdfx_refsource_MISC
🔗 http://secunia.com/advisories/57716third-party-advisoryx_refsource_SECUNIA
🔗 http://secunia.com/advisories/57719third-party-advisoryx_refsource_SECUNIA
🔗 http://rhn.redhat.com/errata/RHSA-2014-0372.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2014-0371.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://openwall.com/lists/oss-security/2013/02/05/24mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2013-1624

Same Patch Batch · n/a · 2013-02-08 · 21 CVEs total

CVE-2013-1619		GnuTLS TLS实现加密问题漏洞
CVE-2013-1465		CubeCart ‘shipping’参数PHP对象注入漏洞
CVE-2013-0263		Rack 远程任意代码执行漏洞
CVE-2013-0262		Rack 路径遍历漏洞
CVE-2013-0242		GNU C glibc ‘extend_buffers()’ 正则表达式处理拒绝服务漏洞
CVE-2013-0189		Squid 缓冲区错误漏洞
CVE-2013-0170		Red Hat libvirt 资源管理错误漏洞
CVE-2013-1623		wolfSSL CyaSSL TLS/DTLS实现加密问题漏洞
CVE-2013-1621		PolarSSL 数组索引错误漏洞
CVE-2013-1620		Mozilla Network Security Services TLS实现加密问题漏洞
CVE-2012-4700		IntegraXor ActiveX Control 缓冲区溢出漏洞
CVE-2013-1618		Opera Web Browser TLS 加密问题漏洞
CVE-2013-0169		多个TLS/DTLS实现加密问题漏洞
CVE-2013-0166		OpenSSL 加密问题漏洞
CVE-2012-2686		OpenSSL 加密问题漏洞
CVE-2013-1639		Opera 跨站请求伪造漏洞
CVE-2013-1638		Opera 代码注入漏洞
CVE-2013-1637		Opera 代码注入漏洞
CVE-2013-0634		Adobe Flash Player 缓冲区溢出漏洞
CVE-2013-0633		Adobe Flash Player 缓冲区溢出漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2013-1624

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2013-1624

I. Basic Information for CVE-2013-1624

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2013-1624

III. Intelligence Information for CVE-2013-1624

Same Patch Batch · n/a · 2013-02-08 · 21 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2013-1624

Leave a comment