CVE-2010-4832 in Androidinfo

Summary

Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers to spoof trusted web sites via a web page containing references to external sources in which (1) the certificate of the last loaded resource is checked, instead of for the main page, or (2) later certificates are not checked when the HTTPS connection is reused.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

09/02/2011

Disclosure

05/13/2014

Moderation

VulDB entry created

Entries

VDB-69670 (1)

CPE

ready

CWE

CWE-310 (Confirmed)

CVSS

5.3

EPSS

0.00187

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-4832
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-4832
CVE Details	https://www.cvedetails.com/cve/CVE-2010-4832/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!