CVE-2011-1096

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://coheigea.blogspot.com/2012/04/note-on-cve-2011-1096.html", "name": "http://coheigea.blogspot.com/2012/04/note-on-cve-2011-1096.html", "tags": [], "refsource": "MISC"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1301.html", "name": "RHSA-2012:1301", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.csoonline.com/article/692366/widely-used-encryption-standard-is-insecure-say-experts", "name": "http://www.csoonline.com/article/692366/widely-used-encryption-standard-is-insecure-say-experts", "tags": [], "refsource": "MISC"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=681916", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=681916", "tags": [], "refsource": "MISC"}, {"url": "http://cxf.apache.org/note-on-cve-2011-1096.html", "name": "http://cxf.apache.org/note-on-cve-2011-1096.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1344.html", "name": "RHSA-2012:1344", "tags": [], "refsource": "REDHAT"}, {"url": "http://dl.acm.org/citation.cfm?id=2046756&dl=ACM&coll=DL", "name": "http://dl.acm.org/citation.cfm?id=2046756&dl=ACM&coll=DL", "tags": [], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/55770", "name": "55770", "tags": [], "refsource": "BID"}, {"url": "http://aktuell.ruhr-uni-bochum.de/pm2011/pm00330.html.de", "name": "http://aktuell.ruhr-uni-bochum.de/pm2011/pm00330.html.de", "tags": [], "refsource": "MISC"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1330.html", "name": "RHSA-2012:1330", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0194.html", "name": "RHSA-2013:0194", "tags": [], "refsource": "REDHAT"}, {"url": "http://secunia.com/advisories/51984", "name": "51984", "tags": [], "refsource": "SECUNIA"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0195.html", "name": "RHSA-2013:0195", "tags": [], "refsource": "REDHAT"}, {"url": "http://secunia.com/advisories/52054", "name": "52054", "tags": [], "refsource": "SECUNIA"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0198.html", "name": "RHSA-2013:0198", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0197.html", "name": "RHSA-2013:0197", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0191.html", "name": "RHSA-2013:0191", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0196.html", "name": "RHSA-2013:0196", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0221.html", "name": "RHSA-2013:0221", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0193.html", "name": "RHSA-2013:0193", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0192.html", "name": "RHSA-2013:0192", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0261.html", "name": "RHSA-2013:0261", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html", "name": "RHSA-2013:1437", "tags": [], "refsource": "REDHAT"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79031", "name": "jboss-web-services-cbc-info-disc(79031)", "tags": [], "refsource": "XF"}, {"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E", "name": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E", "tags": [], "refsource": "MISC"}, {"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E", "name": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E", "tags": [], "refsource": "MISC"}, {"url": "https://lists.apache.org/thread.html/8d5d29747548a24cccdb7f3e2d4d599ffb7ffe4537426b3c9a852cf4%40%3Ccommits.cxf.apache.org%3E", "name": "https://lists.apache.org/thread.html/8d5d29747548a24cccdb7f3e2d4d599ffb7ffe4537426b3c9a852cf4%40%3Ccommits.cxf.apache.org%3E", "tags": [], "refsource": "MISC"}, {"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E", "name": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E", "tags": [], "refsource": "MISC"}, {"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E", "name": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E", "tags": [], "refsource": "MISC"}, {"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E", "name": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E", "tags": [], "refsource": "MISC"}, {"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E", "name": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The W3C XML Encryption Standard, as used in the JBoss Web Services (JBossWS) component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining (CBC) mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on SOAP responses, aka \"character encoding pattern attack.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-310"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-1096", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-11-23T20:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.2.1"}, {"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-13T01:18Z"}