Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a crafted symbol, as demonstrated by selecting a Wi-Fi access point in order to conduct a man-in-the-middle attack.
References
Configurations
Information
Published : 2013-07-18 09:51
Updated : 2017-08-28 18:33
NVD link : CVE-2013-4872
Mitre link : CVE-2013-4872
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
- glass