CVE-2011-1411 in Oracle Fusion Middlewareinfo

Summary

Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."

Reservation

03/10/2011

Disclosure

09/02/2011

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
6697	Oracle Fusion Middleware WebLogic Server improper authentication	287	Not defined	Official fix	CVE-2011-1411
6696	Oracle Fusion Middleware Event Processing improper authentication	287	Not defined	Official fix	CVE-2011-1411

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!