CVE-2010-4211 in eBay PayPalinfo

Zusammenfassung (Englisch)

The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof a PayPal web server via an arbitrary certificate.

Reservieren

08.11.2010

Veröffentlichung

08.11.2010

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
55388	eBay PayPal schwache Authentisierung	287	Proof-of-Concept	Offizieller Fix	CVE-2010-4211

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!