CVE-2012-5782
The CVE-2012-5782 entry concerns the Amazon Flexible Payments Service (FPS) PHP Library, which does not verify that the server hostname matches a domain name in the X.509 certificate’s CN or subjectAltName. This allows MITM-style spoofing of SSL servers via an arbitrary valid certificate, related...