CVE-2004-2393

Java Secure Socket Extension JSSE 1.0.3 through 1.0.32 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS...

CVE-2003-1229

X509TrustManager in 1 Java Secure Socket Extension JSSE in SDK and JRE 1.4.0 through 1.4.001, 2 JSSE before 1.0.3, 3 Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and 4 Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in...

PT-2003-2174 · Oracle · Sdk +4

Name of the Vulnerable Software and Affected Versions: Java Secure Socket Extension JSSE in SDK and JRE versions 1.4.0 through 1.4.0 01 JSSE versions prior to 1.0.3 Java Plug-in SDK and JRE versions 1.3.0 through 1.4.1 Java Web Start versions 1.0 through 1.2 Description: The X509TrustManager in t...

Incorrect Certificate Validation in Java Secure Socket Extension

According to SUN it has been reported that: "the Java Secure Socket Extension JSSE may incorrectly validate the digital certificate of a web site. This may result in untrustworthy web sites being authenticated for SSL transactions. The Java Plug-in and Java Web Start may incorrectly validate the...