Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 58073
Class: Design Error
CVE: CVE-2012-5783
Remote: Yes
Local: No
Published: Oct 16 2012 12:00AM
Updated: Apr 18 2017 12:04AM
Credit: Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, Vitaly Shmatikov
Vulnerable: Ubuntu Ubuntu Linux 15.04
Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 12.04 LTS
Redhat JBoss Web Framework Kit 2.1
Redhat JBoss Operations Network 3.1.2
Redhat JBoss Fuse 6.2
Redhat JBoss Enterprise Application Platform 5 EL6
Redhat JBoss Enterprise Application Platform 5 EL5
Redhat JBoss Enterprise Application Platform 5 EL4
Redhat JBoss BRMS 5.3.1
Redhat Enterprise Virtualization 3.3
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
IBM Development Package for Apache Spark 1.6.2.0
CentOS CentOS 5
Avaya one-X Client Enablement Service 6.1 SP2
Avaya one-X Client Enablement Service 6.1 Sp1
Apache Commons HttpClient 3.0
Not Vulnerable: Redhat JBoss Web Framework Kit 2.2
Redhat JBoss Operations Network 3.2.0
Redhat JBoss Fuse 6.3
Avaya one-X Client Enablement Service 6.1 SP3


 

Privacy Statement
Copyright 2010, SecurityFocus