RSS   Vulnerabilities for 'Entelligence security provider'   RSS

2007-08-29
 
CVE-2007-4594

CWE-255
 

 
Entrust Entelligence Security Provider (ESP) 8 does not properly validate certificates in certain circumstances involving (1) a chain that omits the root Certification Authority (CA) certificate, or an application that specifies disregarding (2) unknown revocation statuses during path validation or (3) certain errors in the certification path, which might allow context-dependent attackers to spoof certificate authentication. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

 

 >>> Vendor: Entrust 4 Products
Getaccess
Entrust authority security manager
Entrust libkmp isakmp library
Entelligence security provider


Copyright 2019, cxsecurity.com

 

Back to Top