CVE-2014-5829 in Hobby Lobby Storesinformación

Resumen (Inglés)

The Hobby Lobby Stores (aka com.hobbylobbystores.android) application 2.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservar

2014-08-30

Divulgación

2014-09-09

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
71127	hobbylobby Hobby Lobby Stores X.509 Certificate cifrado débil	310	No está definido	No está definido	CVE-2014-5829

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!