NuytsTech Security

CVE-2011-1411

by ·

Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."

Date published : 2011-09-02

http://shibboleth.internet2.edu/secadv/secadv_20110725.txt

http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

Tags: