Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2019-3465
Description:Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message.
Test IDs: 1.3.6.1.4.1.25623.1.0.704560   1.3.6.1.4.1.25623.1.0.891983   1.3.6.1.4.1.25623.1.0.877009   1.3.6.1.4.1.25623.1.0.877011   1.3.6.1.4.1.25623.1.0.877016   1.3.6.1.4.1.25623.1.0.877003   1.3.6.1.4.1.25623.1.0.877320   1.3.6.1.4.1.25623.1.0.877112   1.3.6.1.4.1.25623.1.0.877693   1.3.6.1.4.1.25623.1.0.877729   1.3.6.1.4.1.25623.1.0.877696  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-3465
Bugtraq: 20191106 [SECURITY] [DSA 4560-1] simplesamlphp security update (Google Search)
https://seclists.org/bugtraq/2019/Nov/8
Debian Security Information: DSA-4560 (Google Search)
https://www.debian.org/security/2019/dsa-4560
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KID7C4AZPYYIZQIPSLANP4R2RQR6YK3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MAWOVYLZKYDCQBLQEJCFAAD3KQTBPHXE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AB34ILMJ67CUROBOR6YPKB46VHXLOAJ4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ESKJTWLE7QZBQ3EKMYXKMBQG3JDEJWM6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBSSRV5Q7JFCYO46A3EN624UZ4KXFQ2M/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HBE2SJSXG7J4XYLJ2H6HC2VPPOG2OMUN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BNFMY5RRLU63P25HEBVDO5KAVI7TX7JV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BBKVDUZ7G5ZOUO4BFJWLNJ6VOKBQJX5U/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCSR3V6LNWJAD37VQB6M2K7P4RQSCVFG/
https://github.com/robrichards/xmlseclibs/commit/0a53d3c3aa87564910cae4ed01416441d3ae0db5
https://simplesamlphp.org/security/201911-01
https://lists.debian.org/debian-lts-announce/2019/11/msg00003.html




© 1998-2024 E-Soft Inc. All rights reserved.