CVE-2013-2172

by Fred · 20/08/2013

jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature."

Date published : 2013-08-20

http://www.securityfocus.com/bid/60846

http://www.securityfocus.com/archive/1/534161/100/0/threaded

CVE-2013-2172

Similar

Recent Posts

Categories

CVE-2013-2172

Share this:

Similar

Recent Posts

Categories

Tags