analyzing computer vulnerabilities since 1999
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
Vulnerabilities of Apache HttpClient
Apache HttpClient vulnerability: man in the middle of SSL
An attacker can act as a Man in the middle in the SSL/TLS session of HttpClient, in order to capture sensitive information.
Apache HttpClient vulnerability: parameter injection with addRequestHeader
When an attacker can control the parameter of the addRequestHeader() method of Apache HttpClient, he can insert additional HTTP headers.
Apache HttpClient vulnerability: incomplete certificate validation
An attacker can use any valid certificate on a malicious server, and then invite an Apache HttpClient 3 to connect there, in order to spy communications even if encryption is used.
Apache HttpClient vulnerability: obtaining proxy password
When HttpClient connects to a proxy requiring an authentication, the login and password are sent to the remote server.
Apache HttpClient vulnerability: erroneous certificate validation
An attacker can create an SSL certificate which wille be wrongly validated by Apache HttpComponents HttpClient, in order to capture traffic and bypass encryption.
Display other vulnerabilities of Apache HttpClient described by Vigil@nce...
Display information about Apache HttpClient:
. Vigil@nce is a service from
Orange Applications for Business