Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 58073
Class: Design Error
CVE: CVE-2012-5783
Remote: Yes
Local: No
Published: Oct 16 2012 12:00AM
Updated: Mar 07 2014 12:52AM
Credit: Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, Vitaly Shmatikov
Vulnerable: RedHat Enterprise Linux Desktop Workstation 5 client
Red Hat JBoss Enterprise Application Platform 5 EL6
Red Hat JBoss Enterprise Application Platform 5 EL5
Red Hat JBoss Enterprise Application Platform 5 EL4
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
CentOS CentOS 5
Apache Software Foundation Commons HttpClient 3.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus