IDCVSSSummaryLast (major) updatePublished
CVE-2010-1632 7.5
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Ge
30-07-2017 - 01:29 22-06-2010 - 20:30
CVE-2012-4418 5.8
Apache Axis2 allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
30-01-2013 - 04:54 09-10-2012 - 23:55
CVE-2012-5351 6.4
Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
29-08-2017 - 01:32 09-10-2012 - 23:55
CVE-2012-5785 5.8
Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a
29-08-2017 - 01:32 04-11-2012 - 22:55
Back to Top Mark selected
Back to Top