Apache Axis2
6 CVEs affecting Apache Axis2. Latest disclosed: 2012-11-04. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-5785 | | 2012-11-04 | Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of… | |
CVE-2012-5351 | | 2012-10-09 | Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusio… | |
CVE-2012-4418 | | 2012-10-09 | Apache Axis2 allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack." | |
CVE-2010-0219 | | 2010-10-18 | Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for t… | |
CVE-2010-1632 | | 2010-06-22 | Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32… | |
CVE-2010-2103 | | 2010-05-27 | Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possi… |