CVE-2011-4607

PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:putty:putty:0.59:*:*:*:*:*:*:*
cpe:2.3:a:putty:putty:0.60:*:*:*:*:*:*:*
cpe:2.3:a:putty:putty:0.61:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-08-23 16:55

Updated : 2024-02-04 18:16


NVD link : CVE-2011-4607

Mitre link : CVE-2011-4607

CVE.ORG link : CVE-2011-4607


JSON object : View

Products Affected

putty

  • putty
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer