oval:org.mitre.oval:def:7158
Definition Id: oval:org.mitre.oval:def:7158 | |||
Oval ID: | oval:org.mitre.oval:def:7158 | ||
Title: | XML Signature HMAC Truncation Authentication Bypass Vulnerability | ||
Description: | The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0217 | Version: | 11 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft .NET Framework |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6438 | |||
Oval ID: | oval:org.mitre.oval:def:6438 | ||
Title: | Microsoft Windows Server 2008 R2 x64 Edition is installed | ||
Description: | The operating system installed on the system is Microsoft Windows Server 2008 R2 x64 Edition | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_server_2008:r2::x64 | Version: | 9 |
Platform(s): | Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:15247 | |||
Oval ID: | oval:org.mitre.oval:def:15247 | ||
Title: | Microsoft Windows XP x64 is installed | ||
Description: | A version of Microsoft Windows XP x64 is installed. | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_xp::x64 | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:1834 | |||
Oval ID: | oval:org.mitre.oval:def:1834 | ||
Title: | Microsoft .NET Framework 1.1 Service Pack 1 is Installed | ||
Description: | Microsoft .NET Framework 1.1 Service Pack 1 is Installed | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:microsoft:.net_framework:1.1:sp1 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft .NET Framework 1.1 |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:12542 | |||
Oval ID: | oval:org.mitre.oval:def:12542 | ||
Title: | Microsoft .NET Framework 3.5 SP1 is installed | ||
Description: | Microsoft .NET Framework 3.5 SP1 is installed | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:microsoft:.net_framework:3.5:sp1 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft .NET Framework 3.5 |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:396 | |||
Oval ID: | oval:org.mitre.oval:def:396 | ||
Title: | Microsoft Windows Server 2003 (ia64) Gold is installed | ||
Description: | A version of Microsoft Windows Server 2003 (ia64) Gold is installed. | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_server_2003::-:itanium | Version: | 11 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:730 | |||
Oval ID: | oval:org.mitre.oval:def:730 | ||
Title: | Microsoft Windows Server 2003 (x64) is installed | ||
Description: | A version of Microsoft Windows Server 2003 (x64) is installed. | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_server_2003:::x64 | Version: | 11 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:1870 | |||
Oval ID: | oval:org.mitre.oval:def:1870 | ||
Title: | Microsoft Windows Server 2003 (32-bit) is installed | ||
Description: | A version of Microsoft Windows Server 2003 (32-bit) is installed. | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_server_2003:::x86 | Version: | 8 |
Platform(s): | Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:105 | |||
Oval ID: | oval:org.mitre.oval:def:105 | ||
Title: | Microsoft Windows XP is installed | ||
Description: | The operating system installed on the system is Microsoft Windows XP. | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_xp | Version: | 5 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6689 | |||
Oval ID: | oval:org.mitre.oval:def:6689 | ||
Title: | Microsoft .NET Framework 3.5 Original Release is installed | ||
Description: | Microsoft .NET Framework 3.5 Original Release is installed | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:microsoft:.net_framework:3.5:- | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft .NET Framework 3.5 |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:5954 | |||
Oval ID: | oval:org.mitre.oval:def:5954 | ||
Title: | Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed | ||
Description: | The operating system installed on the system is Microsoft Windows Server 2008 R2 Itanium Edition | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_server_2008:r2::itanium | Version: | 8 |
Platform(s): | Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:5667 | |||
Oval ID: | oval:org.mitre.oval:def:5667 | ||
Title: | Microsoft Windows Server 2008 (ia-64) is installed | ||
Description: | The operating system installed on the system is Microsoft Windows Server 2008 Itanium Edition | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_server_2008:::itanium | Version: | 6 |
Platform(s): | Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:5356 | |||
Oval ID: | oval:org.mitre.oval:def:5356 | ||
Title: | Microsoft Windows Server 2008 (64-bit) is installed | ||
Description: | The operating system installed on the system is Microsoft Windows Server 2008 (64-bit) | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_server_2008:::x64 | Version: | 8 |
Platform(s): | Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:4870 | |||
Oval ID: | oval:org.mitre.oval:def:4870 | ||
Title: | Microsoft Windows Server 2008 (32-bit) is installed | ||
Description: | The operating system installed on the system is Microsoft Windows Server 2008 (32-bit) | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_server_2008:::x86 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2008 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:5950 | |||
Oval ID: | oval:org.mitre.oval:def:5950 | ||
Title: | Microsoft Windows 7 x64 Edition is installed | ||
Description: | The operating system installed on the system is Microsoft Windows 7 x64 Edition | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_7:::x64 | Version: | 7 |
Platform(s): | Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:6165 | |||
Oval ID: | oval:org.mitre.oval:def:6165 | ||
Title: | Microsoft Windows 7 (32-bit) is installed | ||
Description: | The operating system installed on the system is Microsoft Windows 7 (32-bit) | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_7:::x86 | Version: | 5 |
Platform(s): | Microsoft Windows 7 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:2041 | |||
Oval ID: | oval:org.mitre.oval:def:2041 | ||
Title: | Microsoft Windows Vista x64 Edition is installed | ||
Description: | The operating system installed on the system is Microsoft Windows Vista x64 Edition | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_vista:::x64 | Version: | 6 |
Platform(s): | Microsoft Windows Vista | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:1282 | |||
Oval ID: | oval:org.mitre.oval:def:1282 | ||
Title: | Microsoft Windows Vista (32-bit) is installed | ||
Description: | The operating system installed on the system is Microsoft Windows Vista (32-bit) | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_vista:::x86 | Version: | 4 |
Platform(s): | Microsoft Windows Vista | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:85 | |||
Oval ID: | oval:org.mitre.oval:def:85 | ||
Title: | Microsoft Windows 2000 is installed | ||
Description: | The operating system installed on the system is Microsoft Windows 2000. | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_2000 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:1353 | |||
Oval ID: | oval:org.mitre.oval:def:1353 | ||
Title: | Microsoft Windows XP (32-bit) is installed | ||
Description: | The operating system installed on the system is Microsoft Windows XP (32-bit). | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/o:microsoft:windows_xp:::x86 | Version: | 4 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 oval:org.mitre.oval:def:7158 |
Definition Id: oval:org.mitre.oval:def:6158 | |||
Oval ID: | oval:org.mitre.oval:def:6158 | ||
Title: | Microsoft .NET Framework 2.0 Service Pack 2 is installed | ||
Description: | Microsoft .NET Framework 2.0 Service Pack 2 is installed | ||
Family: | windows | Class: | inventory |
Reference(s): | cpe:/a:microsoft:.net_framework:2.0:sp2 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft .NET Framework 2.0 |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7158 |