Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 58073
Class: Design Error
CVE: CVE-2012-5783
Remote: Yes
Local: No
Published: Oct 16 2012 12:00AM
Updated: Sep 26 2016 12:00AM
Credit: Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, Vitaly Shmatikov
Vulnerable: Ubuntu Ubuntu Linux 15.04
Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 12.04 LTS
Redhat JBoss Web Framework Kit 2.1
Redhat JBoss Operations Network 3.1.2
Redhat JBoss Enterprise Application Platform 5 EL6
Redhat JBoss Enterprise Application Platform 5 EL5
Redhat JBoss Enterprise Application Platform 5 EL4
Redhat JBoss BRMS 5.3.1
Redhat Enterprise Virtualization 3.3
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
IBM Development Package for Apache Spark 1.6.2.0
CentOS CentOS 5
Avaya one-X Client Enablement Service 6.1 SP2
Avaya one-X Client Enablement Service 6.1 Sp1
Apache Commons HttpClient 3.0
Not Vulnerable: Redhat JBoss Web Framework Kit 2.2
Redhat JBoss Operations Network 3.2.0
Avaya one-X Client Enablement Service 6.1 SP3


 

Privacy Statement
Copyright 2010, SecurityFocus