3 matches found
EUVD-2012-5958
Malware in sbrugna...
CVE-2012-6087
repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...
CVE-2012-6087
CVE-2012-6087 affects Moodle’s repository/s3/S3.php in affected Moodle branches (up to 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, 2.5.x before 2.5.2). The issue is that the code does not verify that the server hostname matches the CN or SAN in the SSL certificate, allowing MITM attackers to ...