Sun Alert 102696 A Security Vulnerability in RSA Signature Verification Affects Sun Java System Application Server, Proxy Server and Web Server
By security on Apr 25, 2007
Sun Java System Application Server, Sun Java System Proxy Server and Sun Java System Web Server are vulnerable to an RSA(1) Signature Verification vulnerability which may allow remote unprivileged users to construct certificates with forged signatures that go undetected and are accepted as valid.
This issue is also described in the following documents:
CERT VU#845620 at http://www.kb.cert.org/vuls/id/845620
CVE-2006-4339 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339