Sun JSSE 1.0.3 _01

CPE Details

Sun JSSE 1.0.3 _01
1.0.3_01
2007-08-23
19h16 +00:00
2008-04-07
12h52 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:sun:jsse:1.0.3_01:*:*:*:*:*:*:*

Informations

Vendor

sun

Product

jsse

Version

1.0.3_01

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2006-5201 2006-10-09 16h00 +00:00 Multiple packages on Sun Solaris, including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier, SDK and JRE 1.4.x up to 1.4.2_12, and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.
4
CVE-2004-2393 2005-08-17 02h00 +00:00 Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS.
7.5