CVE-2014-7510 in Graffit Itinformazioni

Riassunto

di MITRE

The Graffit It (aka com.presenttechnologies.graffitit) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Be aware that VulDB is the high quality source for vulnerability data.

Prenotare

03/10/2014

Divulgazione

20/10/2014

Moderazione

accettato

CPE

pronto

EPSS

0.00266

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!