3 matches found
CVE-2006-5201
CVE-2006-5201 affects Sun Solaris components (notably NSS, NSS-based libraries, Java JDK/JRE, JSSE, IPSec/IKE, and related Sun products). The root cause is when using an RSA key with exponent 3 that removes PKCS #1 padding prior to hash generation, enabling remote attackers to forge a PKCS #1 v1....
CVE-2003-1229
The issue concerns X509TrustManager in Java Secure Socket Extension (JSSE) across multiple Java platforms (SDK/JRE 1.4.0–1.4.0_01, JSSE before 1.0.3, Java Plug‑in SDK/JRE 1.3.0–1.4.1, and Java Web Start 1.0–1.2). The X509TrustManager incorrectly calls isClientTrusted when determining server trust...
CVE-2004-2393
Affected software : Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2. Issue : JSSE does not properly validate the certificate chain of a client or server, enabling remote attackers to falsely authenticate peers for SSL/TLS. Root cause : insufficient certificate-chain validation. Impact :...