2 matches found
CVE-2009-0161
The OpenSSL::OCSP module for Ruby in Apple Mac OS X 10.5 before 10.5.7 misinterprets an unspecified invalid response as a successful OCSP certificate validation, which might allow remote attackers to spoof certificate authentication via a revoked certificate...
CVE-2007-4594
Entrust Entelligence Security Provider ESP 8 does not properly validate certificates in certain circumstances involving 1 a chain that omits the root Certification Authority CA certificate, or an application that specifies disregarding 2 unknown revocation statuses during path validation or 3...