nCipher ConsoleCallBack Class With JRE 1.4.0 Smart Card Passphrase Leak Vulnerability

info
discussion
exploit
solution
references

nCipher ConsoleCallBack Class With JRE 1.4.0 Smart Card Passphrase Leak Vulnerability

Solution:
A patch is currently being developed by nCipher. The release date of this fix is not yet known.

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.