OpenID4Java Attribute Exchange Remote Security Bypass Vulnerability

Bugtraq ID: 47785
Class: Access Validation Error
CVE: CVE-2011-4314
Remote: Yes
Local: No
Published: May 10 2011 12:00AM
Updated: Dec 08 2011 10:57PM
Credit: Rui Wang, Shuo Chen, and XiaoFeng Wang
Vulnerable: Red Hat JBoss Enterprise Web Platform for RHEL 6 Server 5
Red Hat JBoss Enterprise Web Platform for RHEL 5 Server 5
Red Hat JBoss Enterprise Web Platform for RHEL 4ES 5
Red Hat JBoss Enterprise Web Platform for RHEL 4AS 5
Red Hat JBoss Enterprise Web Platform 5 EL6
Red Hat JBoss Enterprise Web Platform 5 EL5
Red Hat JBoss Enterprise Application Platform for RHEL 5 Server 5
Red Hat JBoss Enterprise Application Platform for RHEL 4ES 5
Red Hat JBoss Enterprise Application Platform for RHEL 4AS 5
Red Hat JBoss Enterprise Application Platform 5 EL6
Red Hat JBoss Enterprise Application Platform 5 EL5
OpenID4Java OpenID4Java 0.9.6.661
Not Vulnerable: OpenID4Java OpenID4Java 0.9.6.662


 

Privacy Statement
Copyright 2010, SecurityFocus