CVE-2014-0350

The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wildcard domain name in an X.509 certificate.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:pocoproject:poco_c\+\+_libraries:1.4.6:p2:*:*:*:*:*:*
cpe:2.3:a:pocoproject:poco_c\+\+_libraries:1.4.6:p1:*:*:*:*:*:*
cpe:2.3:a:pocoproject:poco_c\+\+_libraries:*:p3:*:*:*:*:*:*
cpe:2.3:a:pocoproject:poco_c\+\+_libraries:1.4.6:-:*:*:*:*:*:*
cpe:2.3:a:pocoproject:poco_c\+\+_libraries:1.4.5:*:*:*:*:*:*:*

Information

Published : 2014-04-25 18:55

Updated : 2016-12-05 18:59


NVD link : CVE-2014-0350

Mitre link : CVE-2014-0350


JSON object : View

CWE
CWE-310

Cryptographic Issues

Advertisement

dedicated server usa

Products Affected

pocoproject

  • poco_c\+\+_libraries