CVE-2014-7086

The Killer Screen lock (aka com.cc.theme.shashou) application 0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:killer_screen_lock_project:killer_screen_lock:0.5:*:*:*:*:android:*:*

Information

Published : 2014-10-18 18:55

Updated : 2014-11-14 06:07


NVD link : CVE-2014-7086

Mitre link : CVE-2014-7086


JSON object : View

CWE
CWE-310

Cryptographic Issues

Advertisement

dedicated server usa

Products Affected

killer_screen_lock_project

  • killer_screen_lock