{"id":"MGASA-2013-0200","summary":"Updated axis package fixes security vulnerability","details":"Apache Axis did not verify that the server hostname matched the domain name\nin the subject's Common Name (CN) or subjectAltName field in X.509\ncertificates. This could allow a man-in-the-middle attacker to spoof an SSL\nserver if they had a certificate that was valid for any domain name\n(CVE-2012-5784).\n","modified":"2026-04-16T06:23:12.130697262Z","published":"2013-07-06T14:12:34Z","upstream":["CVE-2012-5784"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0200.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=8936"},{"type":"WEB","url":"https://rhn.redhat.com/errata/RHSA-2013-0269.html"}],"affected":[{"package":{"name":"axis","ecosystem":"Mageia:2","purl":"pkg:rpm/mageia/axis?arch=source&distro=mageia-2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4-6.1.mga2"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0200.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}