Apache HttpComponents Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 69257
Class: Design Error
CVE: CVE-2012-6153
Remote: Yes
Local: No
Published: Aug 13 2014 12:00AM
Updated: Nov 24 2016 01:14AM
Credit: Florian Weimer
Vulnerable: Ubuntu Ubuntu Linux 15.04
Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 12.04 LTS
Redhat Software Collections 1 for RHEL 6 0
Redhat JBoss Enterprise Application Platform 6.3
Redhat JBoss Enterprise Application Platform 6 EL6
Redhat JBoss Enterprise Application Platform 6 EL5
Redhat JBoss BRMS 6.0.3
Redhat Jboss Bpm Suite 6.0.3
Redhat Jboss Bpm Suite 6.0.1
Redhat Jboss Bpm Suite 6.0.0
Redhat Developer Toolset 2
IBM ISALite 11.5
IBM ISALite 11.3
IBM Infosphere Metadata Workbench 9.1
IBM Infosphere Metadata Workbench 8.7
IBM InfoSphere Metadata Asset Manager 9.1
IBM InfoSphere Metadata Asset Manager 8.7
IBM InfoSphere Metadata Asset Manager 11.3
IBM InfoSphere Information Server on Cloud 11.5
IBM InfoSphere Information Server Manager 9.1
IBM InfoSphere Information Server Manager 8.7
IBM InfoSphere Information Governance Catalog 11.5
IBM InfoSphere Information Governance Catalog 11.3
IBM InfoSphere FastTrack 11.5
IBM InfoSphere FastTrack 11.3
IBM InfoSphere DataStage 9.1
IBM InfoSphere DataStage 8.7
IBM InfoSphere DataStage 8.5
IBM InfoSphere Data Quality Exception Console 11.5
IBM InfoSphere Data Quality Exception Console 11.3
IBM InfoSphere Business Glossary Client for Eclipse 9.1
IBM InfoSphere Business Glossary Client for Eclipse 8.7
IBM InfoSphere Business Glossary Client for Eclipse 8.5
IBM InfoSphere Business Glossary Client for Eclipse 11.5
IBM InfoSphere Business Glossary Client for Eclipse 11.3
IBM InfoSphere Business Glossary 9.1
IBM InfoSphere Business Glossary 8.7
IBM InfoSphere Blueprint Director 9.1
IBM InfoSphere Blueprint Director 8.7
IBM InfoSphere Blueprint Director 8.5
IBM InfoSphere Blueprint Director 11.3
IBM Flex System Manager 1.3.2
IBM Flex System Manager 1.3.4.0
IBM Flex System Manager 1.3.3.0
IBM Bluemix Liberty for Java 1.6
IBM Bluemix Liberty for Java 1.5
IBM Bluemix Liberty for Java 1.3
IBM Bluemix Liberty for Java 1.12-20150130-1059
HP Network Node Manager i 9.20
HP Network Node Manager i 10.0
Apache HttpComponents HttpClient 4.2.2
Apache HttpComponents HttpClient 4.1.1
Apache HttpComponents HttpClient 4.1
Apache Commons HttpClient 3.0
Apache Commons HttpClient 3.1
Not Vulnerable: Redhat JBoss BRMS 6.1
Redhat Jboss Bpm Suite 6.1
IBM Bluemix Liberty for Java 1.13-20150209-1122


 

Privacy Statement
Copyright 2010, SecurityFocus