Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 12:8 a.m.11 views

CVE-2009-3475

Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL...

7.5CVSS5.9AI score0.05741EPSS
Exploits4References1
OSV
OSV
added 2009/09/29 11:30 p.m.7 views

CVE-2009-3475

Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL...

5.7AI score
Exploits0References6
CVE
CVE
added 2009/09/29 11:0 p.m.89 views

CVE-2009-3475

CVE-2009-3475 affects Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1. When using PKIX trust validation, it does not properly handle a '\0' character in the certificate’s subject or SubjectAltName fields, enabling remote MITM attacks to spoof SSL servers via...

7.5CVSS6.2AI score0.00891EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2009/09/29 11:0 p.m.38 views

CVE-2009-3475

Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL...

6.4AI score0.00891EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2009/09/29 11:0 p.m.44 views

CVE-2009-3475

Internet2 Shibboleth Service Provider software 1.3.x before 1.3.3 and 2.x before 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle attackers to spoof arbitrary SSL...

7.5CVSS8.4AI score0.00891EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/09/28 12:0 a.m.22 views

Debian: Security Advisory (DSA-1895-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS5.8AI score0.04097EPSS
Exploits0References2
Rows per page
Query Builder