Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-4314HistoryJan 27, 2012 - 3:55 p.m.
CVE-2011-4314
2012-01-2715:55:00
Debian Security Bug Tracker
security-tracker.debian.org
11
0.005 Low
EPSS
Percentile
75.2%
message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before 1.0.2, and possibly other products does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without detection via a man-in-the-middle (MITM) attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openid4java | < 0.9.6.662-1 | openid4java_0.9.6.662-1_all.deb |
| Debian | 11 | all | openid4java | < 0.9.6.662-1 | openid4java_0.9.6.662-1_all.deb |
| Debian | 10 | all | openid4java | < 0.9.6.662-1 | openid4java_0.9.6.662-1_all.deb |
| Debian | 999 | all | openid4java | < 0.9.6.662-1 | openid4java_0.9.6.662-1_all.deb |
| Debian | 13 | all | openid4java | < 0.9.6.662-1 | openid4java_0.9.6.662-1_all.deb |
Related
ibm
ibm
nessus
nessus
nginx < 1.0.10 DNS Resolver Remote Heap Buffer Overflow
2012-04-17 00:00:00
RHEL 6 : JBoss Enterprise Web Platform 5.1.2 update (Low) (RHSA-2011:1802)
2024-04-27 00:00:00
RHEL 4 : JBoss EAP (RHSA-2011:1800)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2011:1802) Low: JBoss Enterprise Web Platform 5.1.2 update
2011-12-08 00:00:00
(RHSA-2011:1803) Low: JBoss Enterprise Web Platform 5.1.2 update
2011-12-08 00:00:00
(RHSA-2011:1799) Low: JBoss Enterprise Application Platform 5.1.2 update
2011-12-08 00:00:00
prion
prion
Input validation
2012-01-27 15:55:00
cvelist
cvelist
CVE-2011-4314
2012-01-27 15:00:00
cve
cve
CVE-2011-4314
2012-01-27 15:55:00
packetstorm
packetstorm
Red Hat Security Advisory 2011-1798-01
2011-12-08 00:00:00