CVE-2004-2393

2004-12-31T00:00:00
ID CVE-2004-2393
Type cve
Reporter NVD
Modified 2017-07-10T21:31:51

Description

Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS.