message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before 1.0.2, and possibly other products does not verify that Attribute Exchange (AX) information is signed, which allows remote attackers to modify potentially sensitive AX information without detection via a man-in-the-middle (MITM) attack.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
| Link | Tags |
|---|---|
| http://www.redhat.com/support/errata/RHSA-2011-1804.html | vendor advisory |
| http://secunia.com/advisories/44496 | third party advisory vendor advisory |
| http://openid.net/2011/05/05/attribute-exchange-security-alert/ | patch vendor advisory |
| http://rhn.redhat.com/errata/RHSA-2012-0519.html | vendor advisory |
| http://secunia.com/advisories/48954 | third party advisory |
| http://rhn.redhat.com/errata/RHSA-2012-0441.html | vendor advisory |
| http://www.openwall.com/lists/oss-security/2011/11/16/1 | mailing list |
| https://issues.jboss.org/browse/SOA-3597 | |
| https://issues.jboss.org/browse/JBEPP-1368 | |
| http://securitytracker.com/id?1026400 | vdb entry |
| http://www.openwall.com/lists/oss-security/2011/11/17/1 | mailing list |
| http://secunia.com/advisories/48697 | third party advisory |