CVE-2012-6107

Name of the Vulnerable Software and Affected Versions Apache Axis2/C (affected versions not specified)

Description The issue concerns a failure to verify the server hostname against the domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. This allows attackers to spoof SSL servers by using any valid certificate, potentially leading to man-in-the-middle attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.