CVE-2012-5790
The CVE-2012-5790 entry concerns PayPal Payments Standard PHP Library 20120427, where the library fails to verify that the server hostname matches a domain name in the certificate’s CN or SubjectAltName. This misvalidation enables man-in-the-middle attackers to spoof SSL servers using an arbitrar...