CVE-2014-5683 - CERT CVE
ID CVE-2014-5683
Sažetak The Piano Teacher (aka com.rubycell.pianisthd) application 20140730 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Reference
CVSS
Base: 5.4
Impact: 6.4
Exploitability:5.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:A/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 11-09-2014 - 13:52
Objavljeno 09-09-2014 - 01:55