|
|
CVE Reference: CVE-2004-1756 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1756 |
|
|
Description: BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/15862 ST 1009765 SAID Secunia Advisory: SA11358 CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_54.00.jsp CERT-VN 566390 BID 10132 |
|
| Return to the previous page. |
