MiracleLinux 4 : jakarta-commons-httpclient-3.1-0.7.AXS4 (AXSA:2013-313:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-313:01 advisory. The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the...
EUVD-2018-0479
Malware in sbrugna...
Security Bulletin: SSL Certificate Hostname Verification Bypass in Apache Commons HttpClient 3.x Allowing MITM Attacks affects watsonx.data
Summary Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows...
Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management
Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF15 patch Vulnerability Details CVEID:CVE-2022-44729 DESCRIPTION: Apache Batik is vulnerable to server-side request forgery, caused by improper input validation. By persuading a victim to open...
Security Bulletin: There is a vulnerability in Apache Commons HttpClient used by IBM Maximo Asset Management (CVE-2012-5783)
Summary There is a vulnerability in Apache Commons HttpClient used by IBM Maximo Asset Management. Vulnerability Details CVEID: CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker ...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Netcool Configuration Manager (CVE-2012-5783).
Summary IBM WebSphere Application Server is shipped with IBM Tivoli Netcool Configuration Manager version 6.4.1; IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager IP Edition (CVE-2012-5783).
Summary IBM WebSphere Application Server is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM WebSphere...
Security Bulletin: TADDM is vulnerable to a denial of service due to vulnerabilities in Apache HttpClient
Summary Apache HttpClient is used by IBM Tivoli Application Dependency Discovery Manager and is vulnerable to CVE-2011-1498, CVE-2012-5783, CVE-2012-6153, CVE-2014-3577, CVE-2015-5262 Vulnerability Details CVEID: CVE-2011-1498 DESCRIPTION: Apache HttpComponents could allow a remote attacker to obtain...
Security Bulletin: AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient (CVE-2012-5783)
Summary A vulnerability in Apache Commons HttpClient could allow a remote attacker to conduct spoofing attacks (CVE-2012-5783). AIX ships Apache Commons HttpClient as part of Electronic Customer Care. Vulnerability Details CVEID: CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazo...
AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient
IBM SECURITY ADVISORY First Issued: Thu Apr 13 13:44:57 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/commonshttpadvisory.asc Security Bulletin: AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient...
Security Bulletin: Vulnerability in commons-httpclient-3.0.1.jar affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) (CVE-2012-5783)
Summary Commons-httpclient-3.0.1.jar package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2012-5783. Vulnerability Details CVEID: CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Servi...
Debian: Security Advisory (DLA-222-1)
The remote host is missing an update for the Debian...
Security Bulletin: Apache Commons HttpClient 3.x (and few others) allow Man-In-The-Middle (MITM) attack
Summary Apache Commons HttpClient 3.x and few others used do not verify the server hostname in the subject Common Name (CN) and allows Man-In-The-Middle (MITM) attack Vulnerability Details CVEID: CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Service FPS...
Security Bulletin: IBM TRIRIGA Application Platform discloses CVE-2020-13956
Summary IBM TRIRIGA Application Platform discloses CVE-2020-13956 Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing...
Security Bulletin: IBM TRIRIGA Application Platform discloses CVE-2020-13956
Summary IBM TRIRIGA Application Platform discloses CVE-2020-13956 Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +13938 more potentially affected by CVE-2012-5783 via commons-httpclient:commons-httpclient (>=3.0 <=3.1-rc1)
commons-httpclient:commons-httpclient MAVEN version =3.0, =1.1, =0.0.1, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =0.0.25, =0.0.25, =0.0.62, =def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91 and more Source cves: CVE-2012-5783 Source advisory: OSV:GHSA-3832-9276-X7GF...
Security Bulletin: Information disclosure in Apache Commons HttpClient may affect WebSphere Application Server as part of IBM InfoSphere Global Name Management (CVE-2012-5783)
Summary There is a potential information disclosure in Apache Commons HttpClient used by WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations. Vulnerability Details CVEs:...
Mageia: Security Advisory (MGASA-2013-0199)
The remote host is missing an update for the...
Security Bulletin: FileNet Content Manager is affected by a HTTP Client vulnerability
Summary FileNet Content Manager has addressed the following HTTP Client v3.0.1 and v4.0.1 vulnerability. Vulnerability Details CVEID: CVE-2012-5783 DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote...
SUSE: Security Advisory (SUSE-SU-2013:0610-1)
The remote host is missing an update for the...