CVE-2011-1096 — Vulnetix

Try Vulnetix Request Demo

CVE-2011-1096 PUBLISHED

Reported by redhat · Published November 23, 2012

The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on SOAP responses, aka "character encoding pattern attack."

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a

Timeline

Nov 23, 2012 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 3, 2023 EPSS Score
Feb 4, 2023 EPSS Score
Feb 13, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

x_refsource_MISC
x_refsource_CONFIRM
RHSA-2012:1301 vendor-advisoryx_refsource_REDHAT
x_refsource_MISC
RHSA-2013:0192 vendor-advisoryx_refsource_REDHAT
RHSA-2013:0198 vendor-advisoryx_refsource_REDHAT
x_refsource_MISC
RHSA-2013:0195 vendor-advisoryx_refsource_REDHAT
RHSA-2013:0221 vendor-advisoryx_refsource_REDHAT
RHSA-2013:0196 vendor-advisoryx_refsource_REDHAT
RHSA-2013:1437 vendor-advisoryx_refsource_REDHAT
RHSA-2013:0193 vendor-advisoryx_refsource_REDHAT
55770 vdb-entryx_refsource_BID
51984 third-party-advisoryx_refsource_SECUNIA
52054 third-party-advisoryx_refsource_SECUNIA
jboss-web-services-cbc-info-disc(79031) vdb-entryx_refsource_XF
RHSA-2012:1344 vendor-advisoryx_refsource_REDHAT
RHSA-2013:0261 vendor-advisoryx_refsource_REDHAT
RHSA-2013:0191 vendor-advisoryx_refsource_REDHAT
RHSA-2012:1330 vendor-advisoryx_refsource_REDHAT

…and 11 more

Open in Interactive Console →