VDB
CVE-2011-1096
CVE-2011-1096
PUBLISHED
Reported by redhat · Published November 23, 2012
The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on SOAP responses, aka "character encoding pattern attack."
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Nov 23, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- x_refsource_MISC
- x_refsource_CONFIRM
- RHSA-2012:1301 vendor-advisoryx_refsource_REDHAT
- x_refsource_MISC
- RHSA-2013:0192 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0198 vendor-advisoryx_refsource_REDHAT
- x_refsource_MISC
- RHSA-2013:0195 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0221 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0196 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:1437 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0193 vendor-advisoryx_refsource_REDHAT
- 55770 vdb-entryx_refsource_BID
- 51984 third-party-advisoryx_refsource_SECUNIA
- 52054 third-party-advisoryx_refsource_SECUNIA
- jboss-web-services-cbc-info-disc(79031) vdb-entryx_refsource_XF
- RHSA-2012:1344 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0261 vendor-advisoryx_refsource_REDHAT
- RHSA-2013:0191 vendor-advisoryx_refsource_REDHAT
- RHSA-2012:1330 vendor-advisoryx_refsource_REDHAT
…and 11 more