CVE-2014-5741
Loading...
General | |
|---|---|
| Score: | 5.4/10.0 |
| Severity: | Medium |
| Category: | Cryptography Error |
Impact Metrics | |
| Confidentiality: | Partial |
| Integrity: | Partial |
| Availability: | Partial |
Exploitability Metrics | |
| Access Vector: | Adjacent Network |
| Access Complexity: | Medium |
| Authentication: | None |
Published on 09/09/14 - Updated on 16/09/14
Description
The Security - Complete (aka com.webroot.security.complete) application 3.6.0.6610 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Category: Cryptography Error
CWE-310 (Cryptographic Issues)
Weaknesses in this category are related to the use of cryptography.
Security Notices
 | CVE-2014-5741 |
Exploits
No exploits available for this CVE in our database.