CVE-2015-4674 in TimeDoctor Proinformación

Resumen (Inglés)

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservar

2015-06-19

Divulgación

2015-08-06

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
76928	TimeDoctor Pro Autoupdate autenticación débil	345	No está definido	No está definido	CVE-2015-4674

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!