QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2012-2203

Back to search

CVE-2012-2203

Published: Aug 8, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers via vectors involving insertion of an arbitrary root Certification Authority (CA) certificate.

VendorProductVersions

n/a

n/a

affected
n/a

References

rds-gskit-pkcs-spoofing(77280)
vdb-entry
x_refsource_XF
51279
third-party-advisory
x_refsource_SECUNIA
IV31975
vendor-advisory
x_refsource_AIXAPAR
54743
vdb-entry
x_refsource_BID
IV31973
vendor-advisory
x_refsource_AIXAPAR

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now