CVE-2013-4872

Sažetak

Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a crafted symbol, as demonstrated by selecting a Wi-Fi access point in order to conduct a man-in-the-middle attack.

Reference

https://blog.lookout.com/blog/2013/07/17/hacking-the-internet-of-things-for-good/
https://exchange.xforce.ibmcloud.com/vulnerabilities/85804

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-08-2017 - 01:33

Objavljeno

18-07-2013 - 16:51