Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
  home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerable product
Vulnerabilities of Apache HttpClient

Apache HttpClient vulnerability: incomplete certificate validation
An attacker can use any valid certificate on a malicious server, and then invite an Apache HttpClient 3 to connect there, in order to spy communications even if encryption is used.

Apache HttpClient vulnerability: obtaining proxy password
When HttpClient connects to a proxy requiring an authentication, the login and password are sent to the remote server.

Apache HttpClient vulnerability: parameter injection with addRequestHeader
When an attacker can control the parameter of the addRequestHeader() method of Apache HttpClient, he can insert additional HTTP headers.

Display other vulnerabilities of Apache HttpClient described by Vigil@nce...

Display information about Apache HttpClient:



















Copyright 1999-2013 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française