OpenSAML XML Signature Wrapping Security Vulnerability

Bugtraq ID: 48890
Class: Design Error
CVE: CVE-2011-1411
Remote: Yes
Local: No
Published: Jul 26 2011 12:00AM
Updated: Apr 13 2015 09:36PM
Credit: Juraj Somorovsky, Andreas Mayer, Meiko Jensen, Florian Kohlar, Marco Kampmann and Joerg Schwen
Vulnerable: Oracle Weblogic Server 12.1.1 0
Oracle Weblogic Server 10.3.6 0
Oracle Weblogic Server 9.2.4 0
Oracle Weblogic Server 10.3.5.0
Oracle Weblogic Server 10.0.2
Oracle Event Processing 11.1.1 60
Oracle Event Processing 11.1.1 40
Oracle Event Processing 2.0
Internet2 OpenSAML 2.2.1
Internet2 OpenSAML 2.2
IBM Websphere Application Server 7.0 3
IBM Websphere Application Server 7.0 .9
IBM Websphere Application Server 7.0 .8
IBM Websphere Application Server 7.0 .2
IBM Websphere Application Server 7.0 .13
IBM Websphere Application Server 7.0 .12
IBM Websphere Application Server 7.0 .11
IBM Websphere Application Server 7.0.0.7
IBM Websphere Application Server 7.0.0.6
IBM Websphere Application Server 7.0.0.5
IBM Websphere Application Server 7.0.0.4
IBM Websphere Application Server 7.0.0.17
IBM Websphere Application Server 7.0.0.15
IBM Websphere Application Server 7.0.0.14
IBM Websphere Application Server 7.0.0.13
IBM Websphere Application Server 7.0.0.1
IBM Websphere Application Server 7.0.0.0
Not Vulnerable: IBM Websphere Application Server 7.0.0.19


 

Privacy Statement
Copyright 2010, SecurityFocus