CVE-2013-4208 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-4208 Interim 1 8 2023-12-08T02:37:16Z current 2021-05-30T13:13:49Z 2023-12-08T02:37:16Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-4208 The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed filezilla-3.23.0.2-1.1 filezilla-lang-3.23.0.2-1.1 filezilla-3.23.0.2-1.1 as a component of openSUSE Tumbleweed filezilla-lang-3.23.0.2-1.1 as a component of openSUSE Tumbleweed The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys. CVE-2013-4208 openSUSE Tumbleweed:filezilla-3.23.0.2-1.1 openSUSE Tumbleweed:filezilla-lang-3.23.0.2-1.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N