CVE-2016-9955 in SimpleSAMLphpinformazioni

Riassunto

di MITRE

The SimpleSAML_XML_Validator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

15/12/2016

Divulgazione

16/02/2017

Moderazione

accettato

Voce

VDB-97060

CPE

pronto

CWE

CWE-20 (confermato)

CVSS

6.3 (NVD)

EPSS

0.01188

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-9955
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9955
CVE Details	https://www.cvedetails.com/cve/CVE-2016-9955/

◂ Precedente Visione D'ensemble Il prossimo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!