Vulnerability CVE-2012-5784


Published: 2012-11-04

Description:
Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Type:

CWE-20

(Improper Input Validation)

Vendor: Apache
Product: Activemq 
Version: 5.7.0;
Product: AXIS 
Version:
1.4
1.3
1.2.1
1.2
1.1
1.0
Vendor: Paypal
Product: Mass pay 
Product: Transactional information soap 
Product: Payments pro 

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
4.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None

 References:
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00022.html
http://rhn.redhat.com/errata/RHSA-2013-0269.html
http://rhn.redhat.com/errata/RHSA-2013-0683.html
http://rhn.redhat.com/errata/RHSA-2014-0037.html
http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
http://www.securityfocus.com/bid/56408
https://exchange.xforce.ibmcloud.com/vulnerabilities/79829
https://lists.apache.org/thread.html/44d4e88a5fa8ae60deb752029afe9054da87c5f859caf296fcf585e5@%3Cjava-dev.axis.apache.org%3E
https://lists.apache.org/thread.html/de2af12dcaba653d02b03235327ca4aa930401813a3cced8e151d29c@%3Cjava-dev.axis.apache.org%3E

Related CVE
CVE-2017-6217
paypal/adaptivepayments-sdk-php v3.9.2 is vulnerable to a reflected XSS in the SetPaymentOptions.php resulting code execution
CVE-2017-6215
paypal/permissions-sdk-php is vulnerable to reflected XSS in the samples/GetAccessToken.php verification_code parameter, resulting in code execution.
CVE-2017-6213
paypal/invoice-sdk-php is vulnerable to reflected XSS in samples/permissions.php via the permToken parameter, resulting in code execution.
CVE-2013-7202
The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system.
CVE-2013-7201
WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.
CVE-2017-6099
Cross-site scripting (XSS) vulnerability in GetAuthDetails.html.php in PayPal PHP Merchant SDK (aka merchant-sdk-php) 3.9.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter.
CVE-2011-5237
PayPal WPS ToolKit does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid...
CVE-2012-5806
The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL server...

Copyright 2019, cxsecurity.com

 

Back to Top