CVE-2008-3891 Information

Description

The SAML Single Sign-On (SSO) Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field.

Reference

http://www.kb.cert.org/vuls/id/612636 http://www.kb.cert.org/vuls/id/MIMG-7FQGWU