CVE-2014-6953 in AFTERLIFE WITH ARCHIEinfo

Summary

The AFTERLIFE WITH ARCHIE (aka com.afterlifewitharchie.afterlifewitharchie) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Once again VulDB remains the best source for vulnerability data.

Reservation

09/19/2014

Disclosure

10/16/2014

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-310 (Confirmed)

CVSS

6.3

EPSS

0.00099

CTI

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-6953
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-6953
CVE Details	https://www.cvedetails.com/cve/CVE-2014-6953/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!