CVE-2014-7457 in Electronics For Youinformation

Résumé

par MITRE

The Electronics For You (aka com.magzter.electronicsforyou) application 3.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Réserver

03/10/2014

Divulgation

19/10/2014

Modérer

accepté

Entrée

VDB-72341

CPE

prêt

EPSS

0.00266

KEV

non

Activités

très faible

Sources

Interested in the pricing of exploits?

See the underground prices here!