CVE-2014-7539 - CERT CVE
ID CVE-2014-7539
Sažetak The Zhang Zhijun Taiwan Visit 2014-06-25 (aka com.zizizzi) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Reference
CVSS
Base: 5.4
Impact: 6.4
Exploitability:5.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:A/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 11-02-2015 - 16:50
Objavljeno 20-10-2014 - 10:55