Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

internet2 shibboleth-sp 1.3f vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2
CVE-2009-3475
Internet2 Shibboleth Service Provider software 1.3.x prior to 1.3.3 and 2.x prior to 2.2.1, when using PKIX trust validation, does not properly handle a '\0' character in the subject or subjectAltName fields of a certificate, which allows remote man-in-the-middle malici...
Internet2 Shibboleth-sp 2.0Internet2 Shibboleth-sp 1.3.1Internet2 Shibboleth-sp 1.3fInternet2 Shibboleth-sp 2.2Internet2 Shibboleth-sp 2.1Internet2 Shibboleth-sp 1.3.2
7.5
CVSSv2
CVE-2009-3474
OpenSAML 2.x prior to 2.2.1 and XMLTooling 1.x prior to 1.2.1, as used by Internet2 Shibboleth Service Provider 2.x prior to 2.2.1, do not follow the KeyDescriptor element's Use attribute, which allows remote malicious users to use a certificate for both signing and encrypti...
Internet2 Opensaml 2.1.0Internet2 Xmltooling 1.2.0Internet2 Opensaml 2.2.0Internet2 Opensaml 2.0Internet2 Xmltooling 1.0.1Internet2 Xmltooling 1.1.0Internet2 Xmltooling 1.1.1Internet2 Shibboleth-sp 2.2Internet2 Shibboleth-sp 2.1Internet2 Shibboleth-sp 1.3.1Internet2 Shibboleth-sp 2.0Internet2 Shibboleth-sp 1.3fInternet2 Shibboleth-sp 1.3bInternet2 Shibboleth-sp 1.3.2
9.3
CVSSv2
CVE-2009-3476
Buffer overflow in OpenSAML prior to 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x prior to 1.3.4, and XMLTooling prior to 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x prior to 2.2.1, allows remote malicious users to cause a denial o...
Internet2 Shibboleth-sp 1.3.2Internet2 Shibboleth-sp 1.3.3Internet2 Shibboleth-sp 1.3.1Internet2 Shibboleth-sp 1.3fInternet2 Opensaml 1.1Internet2 Opensaml 1.1.1Internet2 Xmltooling 1.1.0Internet2 Xmltooling 1.0.1Internet2 Xmltooling 1.1.1Internet2 Xmltooling 1.2.0Internet2 Xmltooling 1.2.1Internet2 Shibboleth-sp 2.0Internet2 Shibboleth-sp 2.1Internet2 Shibboleth-sp 2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook