Improper Handling of Exceptional Conditions
CVE-2011-4625
Summary
simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- NONE
- NONE
CWE-755 - Improper Handling of Exceptional Conditions
The software does not handle or incorrectly handles an exceptional condition.
References
Advisory Timeline
- Published