CVE

Id
59396  
CVE No.
CVE-2012-6153  
Status
Candidate  
Description
http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject"s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.  
Phase
Assigned (20121206)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
605049 59396 CVE-2012-6153 CONFIRM:http://svn.apache.org/viewvc?view=revision&revision=1411705  View
605050 59396 CVE-2012-6153 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1129916  View
605051 59396 CVE-2012-6153 CONFIRM:https://access.redhat.com/solutions/1165533  View
605052 59396 CVE-2012-6153 CONFIRM:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564  View
605053 59396 CVE-2012-6153 REDHAT:RHSA-2014:1098  View
605054 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2014-1098.html  View
605055 59396 CVE-2012-6153 REDHAT:RHSA-2014:1833  View
605056 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2014-1833.html  View
605057 59396 CVE-2012-6153 REDHAT:RHSA-2014:1834  View
605058 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2014-1834.html  View
605059 59396 CVE-2012-6153 REDHAT:RHSA-2014:1835  View
605060 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2014-1835.html  View
605061 59396 CVE-2012-6153 REDHAT:RHSA-2014:1836  View
605062 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2014-1836.html  View
605063 59396 CVE-2012-6153 REDHAT:RHSA-2014:1891  View
605064 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2014-1891.html  View
605065 59396 CVE-2012-6153 REDHAT:RHSA-2014:1892  View
605066 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2014-1892.html  View
605067 59396 CVE-2012-6153 REDHAT:RHSA-2015:0158  View
605068 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2015-0158.html  View
605069 59396 CVE-2012-6153 REDHAT:RHSA-2015:0125  View
605070 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2015-0125.html  View
605071 59396 CVE-2012-6153 REDHAT:RHSA-2015:0675  View
605072 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2015-0675.html  View
605073 59396 CVE-2012-6153 REDHAT:RHSA-2015:0720  View
605074 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2015-0720.html  View
605075 59396 CVE-2012-6153 REDHAT:RHSA-2015:0765  View
605076 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2015-0765.html  View
605077 59396 CVE-2012-6153 REDHAT:RHSA-2015:0850  View
605078 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2015-0850.html  View
605079 59396 CVE-2012-6153 REDHAT:RHSA-2015:0851  View
605080 59396 CVE-2012-6153 URL:http://rhn.redhat.com/errata/RHSA-2015-0851.html  View
605081 59396 CVE-2012-6153 UBUNTU:USN-2769-1  View
605082 59396 CVE-2012-6153 URL:http://www.ubuntu.com/usn/USN-2769-1  View
605083 59396 CVE-2012-6153 BID:69257  View

Related JVN