CVE-2013-2172 - jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1

CVE-2013-2172

Summary

jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature."

References

Vulnerable Configurations

cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.0:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 18-04-2023 - 19:06)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:P/A:N

redhat via4

advisories

rhsa
id RHSA-2013:1207
rhsa
id RHSA-2013:1208
rhsa
id RHSA-2013:1209
rhsa
id RHSA-2013:1217
rhsa
id RHSA-2013:1218
rhsa
id RHSA-2013:1219
rhsa
id RHSA-2013:1220
rhsa
id RHSA-2013:1375
rhsa
id RHSA-2013:1437
rhsa
id RHSA-2013:1853
rhsa
id RHSA-2014:0212

rpms

apache-commons-beanutils-0:1.8.3-12.redhat_3.2.ep6.el5
apache-commons-daemon-jsvc-eap6-1:1.0.15-2.redhat_2.ep6.el5
apache-commons-daemon-jsvc-eap6-debuginfo-1:1.0.15-2.redhat_2.ep6.el5
apache-cxf-0:2.6.8-8.redhat_7.1.ep6.el5
apache-cxf-xjc-utils-0:2.6.0-2.redhat_4.1.ep6.el5
cxf-xjc-boolean-0:2.6.0-2.redhat_4.1.ep6.el5
cxf-xjc-dv-0:2.6.0-2.redhat_4.1.ep6.el5
cxf-xjc-ts-0:2.6.0-2.redhat_4.1.ep6.el5
hibernate4-0:4.2.0-11.SP1_redhat_1.ep6.el5
hibernate4-core-0:4.2.0-11.SP1_redhat_1.ep6.el5
hibernate4-entitymanager-0:4.2.0-11.SP1_redhat_1.ep6.el5
hibernate4-envers-0:4.2.0-11.SP1_redhat_1.ep6.el5
hibernate4-infinispan-0:4.2.0-11.SP1_redhat_1.ep6.el5
hornetq-0:2.3.5-2.Final_redhat_2.1.ep6.el5
hornetq-native-0:2.3.5-1.Final_redhat_1.ep6.el5
hornetq-native-debuginfo-0:2.3.5-1.Final_redhat_1.ep6.el5
httpd-0:2.2.22-25.ep6.el5
httpd-debuginfo-0:2.2.22-25.ep6.el5
httpd-devel-0:2.2.22-25.ep6.el5
httpd-manual-0:2.2.22-25.ep6.el5
httpd-tools-0:2.2.22-25.ep6.el5
infinispan-0:5.2.7-1.Final_redhat_1.ep6.el5
infinispan-cachestore-jdbc-0:5.2.7-1.Final_redhat_1.ep6.el5
infinispan-cachestore-remote-0:5.2.7-1.Final_redhat_1.ep6.el5
infinispan-client-hotrod-0:5.2.7-1.Final_redhat_1.ep6.el5
infinispan-core-0:5.2.7-1.Final_redhat_1.ep6.el5
ironjacamar-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-common-api-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-common-impl-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-common-spi-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-core-api-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-core-impl-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-deployers-common-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-jdbc-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-spec-api-0:1.0.19-1.Final_redhat_2.ep6.el5
ironjacamar-validator-0:1.0.19-1.Final_redhat_2.ep6.el5
jaxbintros-0:1.0.2-16.GA_redhat_6.ep6.el5
jboss-aesh-0:0.33.7-2.redhat_2.1.ep6.el5
jboss-as-appclient-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-cli-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-client-all-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-clustering-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-cmp-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-configadmin-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-connector-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-console-0:1.5.6-2.Final_redhat_2.1.ep6.el5
jboss-as-controller-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-controller-client-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-deployment-repository-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-deployment-scanner-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-domain-http-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-domain-management-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-ee-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-ee-deployment-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-ejb3-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-embedded-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-host-controller-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-jacorb-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-jaxr-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-jaxrs-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-jdr-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-jmx-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-jpa-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-jsf-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-jsr77-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-logging-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-mail-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-management-client-content-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-messaging-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-modcluster-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-naming-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-network-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-osgi-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-osgi-configadmin-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-osgi-service-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-platform-mbean-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-pojo-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-process-controller-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-protocol-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-remoting-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-sar-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-security-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-server-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-system-jmx-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-threads-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-transactions-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-version-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-web-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-webservices-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-weld-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-as-xts-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jboss-ejb-client-0:1.0.23-1.Final_redhat_1.ep6.el5
jboss-hal-0:1.5.7-1.Final_redhat_1.1.ep6.el5
jboss-invocation-0:1.1.2-1.Final_redhat_1.ep6.el5
jboss-jsp-api_2.2_spec-0:1.0.1-6.Final_redhat_2.ep6.el5
jboss-logmanager-0:1.4.3-1.Final_redhat_1.ep6.el5
jboss-marshalling-0:1.3.18-2.GA_redhat_1.1.ep6.el5
jboss-modules-0:1.2.2-1.Final_redhat_1.ep6.el5
jboss-remote-naming-0:1.0.7-1.Final_redhat_1.ep6.el5
jboss-security-negotiation-0:2.2.5-2.Final_redhat_2.ep6.el5
jboss-stdio-0:1.0.2-1.GA_redhat_1.ep6.el5
jbossas-appclient-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jbossas-bundles-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jbossas-core-0:7.2.1-6.Final_redhat_10.1.ep6.el5
jbossas-domain-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jbossas-hornetq-native-0:2.3.5-1.Final_redhat_1.ep6.el5
jbossas-javadocs-0:7.2.1-2.Final_redhat_10.ep6.el5
jbossas-modules-eap-0:7.2.1-9.Final_redhat_10.1.ep6.el5
jbossas-product-eap-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jbossas-standalone-0:7.2.1-6.Final_redhat_10.1.ep6.el5
jbossas-welcome-content-eap-0:7.2.1-5.Final_redhat_10.1.ep6.el5
jbossts-1:4.17.7-4.Final_redhat_4.ep6.el5
jbossweb-0:7.2.2-1.Final_redhat_1.1.ep6.el5
jbossws-common-0:2.1.3-1.Final_redhat_1.ep6.el5
jbossws-cxf-0:4.1.4-7.Final_redhat_7.ep6.el5
jbossws-spi-0:2.1.3-1.Final_redhat_1.ep6.el5
jcip-annotations-eap6-0:1.0-4.redhat_4.ep6.el5
jgroups-1:3.2.10-1.Final_redhat_2.2.ep6.el5
log4j-jboss-logmanager-0:1.0.2-1.Final_redhat_1.ep6.el5
mod_ssl-1:2.2.22-25.ep6.el5
netty-0:3.6.6-3.Final_redhat_1.1.ep6.el5
opensaml-0:2.5.1-2.redhat_2.1.ep6.el5
openws-0:1.4.2-10.redhat_4.1.ep6.el5
picketbox-0:4.0.17-3.SP2_redhat_2.1.ep6.el5
picketlink-federation-0:2.1.6.3-2.Final_redhat_2.2.ep6.el5
wss4j-0:1.6.10-1.redhat_1.ep6.el5
xml-security-0:1.5.5-1.redhat_1.ep6.el5
apache-commons-beanutils-0:1.8.3-12.redhat_3.2.ep6.el6
apache-commons-daemon-jsvc-eap6-1:1.0.15-2.redhat_2.ep6.el6
apache-commons-daemon-jsvc-eap6-debuginfo-1:1.0.15-2.redhat_2.ep6.el6
apache-cxf-0:2.6.8-8.redhat_7.1.ep6.el6
apache-cxf-xjc-utils-0:2.6.0-2.redhat_4.1.ep6.el6
cxf-xjc-boolean-0:2.6.0-2.redhat_4.1.ep6.el6
cxf-xjc-dv-0:2.6.0-2.redhat_4.1.ep6.el6
cxf-xjc-ts-0:2.6.0-2.redhat_4.1.ep6.el6
hibernate4-0:4.2.0-7.SP1_redhat_1.ep6.el6
hibernate4-core-0:4.2.0-7.SP1_redhat_1.ep6.el6
hibernate4-entitymanager-0:4.2.0-7.SP1_redhat_1.ep6.el6
hibernate4-envers-0:4.2.0-7.SP1_redhat_1.ep6.el6
hibernate4-infinispan-0:4.2.0-7.SP1_redhat_1.ep6.el6
hornetq-0:2.3.5-2.Final_redhat_2.1.ep6.el6
hornetq-native-0:2.3.5-1.Final_redhat_1.ep6.el6
hornetq-native-debuginfo-0:2.3.5-1.Final_redhat_1.ep6.el6
httpd-0:2.2.22-25.ep6.el6
httpd-debuginfo-0:2.2.22-25.ep6.el6
httpd-devel-0:2.2.22-25.ep6.el6
httpd-manual-0:2.2.22-25.ep6.el6
httpd-tools-0:2.2.22-25.ep6.el6
infinispan-0:5.2.7-1.Final_redhat_1.ep6.el6
infinispan-cachestore-jdbc-0:5.2.7-1.Final_redhat_1.ep6.el6
infinispan-cachestore-remote-0:5.2.7-1.Final_redhat_1.ep6.el6
infinispan-client-hotrod-0:5.2.7-1.Final_redhat_1.ep6.el6
infinispan-core-0:5.2.7-1.Final_redhat_1.ep6.el6
ironjacamar-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-common-api-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-common-impl-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-common-spi-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-core-api-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-core-impl-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-deployers-common-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-jdbc-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-spec-api-0:1.0.19-1.Final_redhat_2.ep6.el6
ironjacamar-validator-0:1.0.19-1.Final_redhat_2.ep6.el6
jaxbintros-0:1.0.2-16.GA_redhat_6.ep6.el6
jboss-aesh-0:0.33.7-2.redhat_2.1.ep6.el6
jboss-as-appclient-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-cli-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-client-all-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-clustering-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-cmp-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-configadmin-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-connector-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-console-0:1.5.6-2.Final_redhat_2.1.ep6.el6
jboss-as-controller-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-controller-client-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-deployment-repository-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-deployment-scanner-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-domain-http-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-domain-management-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-ee-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-ee-deployment-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-ejb3-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-embedded-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-host-controller-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-jacorb-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-jaxr-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-jaxrs-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-jdr-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-jmx-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-jpa-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-jsf-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-jsr77-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-logging-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-mail-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-management-client-content-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-messaging-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-modcluster-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-naming-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-network-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-osgi-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-osgi-configadmin-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-osgi-service-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-platform-mbean-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-pojo-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-process-controller-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-protocol-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-remoting-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-sar-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-security-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-server-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-system-jmx-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-threads-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-transactions-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-version-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-web-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-webservices-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-weld-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-as-xts-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jboss-ejb-client-0:1.0.23-1.Final_redhat_1.ep6.el6
jboss-hal-0:1.5.7-1.Final_redhat_1.1.ep6.el6
jboss-invocation-0:1.1.2-1.Final_redhat_1.ep6.el6
jboss-jsp-api_2.2_spec-0:1.0.1-6.Final_redhat_2.ep6.el6
jboss-logmanager-0:1.4.3-1.Final_redhat_1.ep6.el6
jboss-marshalling-0:1.3.18-1.GA_redhat_1.1.ep6.el6
jboss-modules-0:1.2.2-1.Final_redhat_1.ep6.el6
jboss-remote-naming-0:1.0.7-1.Final_redhat_1.ep6.el6
jboss-security-negotiation-0:2.2.5-2.Final_redhat_2.ep6.el6
jboss-stdio-0:1.0.2-1.GA_redhat_1.ep6.el6
jbossas-appclient-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jbossas-bundles-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jbossas-core-0:7.2.1-6.Final_redhat_10.1.ep6.el6
jbossas-domain-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jbossas-hornetq-native-0:2.3.5-1.Final_redhat_1.ep6.el6
jbossas-javadocs-0:7.2.1-2.Final_redhat_10.ep6.el6
jbossas-modules-eap-0:7.2.1-9.Final_redhat_10.1.ep6.el6
jbossas-product-eap-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jbossas-standalone-0:7.2.1-6.Final_redhat_10.1.ep6.el6
jbossas-welcome-content-eap-0:7.2.1-5.Final_redhat_10.1.ep6.el6
jbossts-1:4.17.7-4.Final_redhat_4.ep6.el6
jbossweb-0:7.2.2-1.Final_redhat_1.1.ep6.el6
jbossws-common-0:2.1.3-1.Final_redhat_1.ep6.el6
jbossws-cxf-0:4.1.4-7.Final_redhat_7.ep6.el6
jbossws-spi-0:2.1.3-1.Final_redhat_1.ep6.el6
jcip-annotations-eap6-0:1.0-4.redhat_4.ep6.el6
jgroups-1:3.2.10-1.Final_redhat_2.2.ep6.el6
log4j-jboss-logmanager-0:1.0.2-1.Final_redhat_1.ep6.el6
mod_ssl-1:2.2.22-25.ep6.el6
netty-0:3.6.6-2.Final_redhat_1.1.ep6.el6
opensaml-0:2.5.1-2.redhat_2.1.ep6.el6
openws-0:1.4.2-10.redhat_4.1.ep6.el6
picketbox-0:4.0.17-3.SP2_redhat_2.1.ep6.el6
picketlink-federation-0:2.1.6.3-2.Final_redhat_2.2.ep6.el6
wss4j-0:1.6.10-1.redhat_1.ep6.el6
xml-security-0:1.5.5-1.redhat_1.ep6.el6
xml-security-0:1.5.1-3_patch01.ep5.el4
xml-security-0:1.5.1-3_patch01.ep5.el5
xml-security-0:1.5.1-3_patch01.ep5.el6
xml-security-0:1.5.1-3_patch01.ep5.el4
xml-security-0:1.5.1-3_patch01.ep5.el5
xml-security-0:1.5.1-3_patch01.ep5.el6

refmap via4

bid	60846
bugtraq	20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
confirm	http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.vmware.com/security/advisories/VMSA-2014-0012.html
debian	DSA-3065
fulldisc	20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
misc	http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.5.x-fixes/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java?r1=1353876&r2=1493772&pathrev=1493772&diff_format=h
mlist	[santuario-commits] 20190823 svn commit: r1049214 - in /websites/production/santuario/content: cache/main.pageCache download.html index.html javaindex.html javareleasenotes.html secadv.data/CVE-2019-12400.asc secadv.html
osvdb	94651
secunia	54019
ubuntu	USN-2028-1

Last major update

18-04-2023 - 19:06

Published

20-08-2013 - 22:55

Last modified

18-04-2023 - 19:06