CVE-2012-2203 Information

Feb 14, 2021 cve

Description

IBM Global Security Kit (aka GSKit) before 8.0.14.22 as used in IBM Rational Directory Server IBM Tivoli Directory Server and other products uses the PKCS 12 file format for certificate objects without enforcing file integrity which makes it easier for remote attackers to spoof SSL servers via vectors involving insertion of an arbitrary root Certification Authority (CA) certificate.

Reference

http://secunia.com/advisories/51279 http://www.securityfocus.com/bid/54743 http://www-01.ibm.com/support/docview.wss?uid=swg1IV31973 http://www-01.ibm.com/support/docview.wss?uid=swg1IV31975 http://www-01.ibm.com/support/docview.wss?uid=swg21606145 https://exchange.xforce.ibmcloud.com/vulnerabilities/77280

Share on: