Java Secure Socket Extension (JSSE) 1.0.3 up to and including 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote malicious users to falsely authenticate peers for SSL/TLS.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun jsse 1.0.3_02 |
||
sun jsse 1.0.3 |
||
sun jsse 1.0.3_01 |