Lotum - Paint-for-friends CVE - CVE Search - CVE Details

Filtered by vendor Lotum Subscribe

Filtered by product Paint-for-friends

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2014-5765	1 Lotum	1 Paint-for-friends	2014-09-16	5.4 MEDIUM	N/A
The Paint for Friends (aka de.lotumlabs.buddypainting) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vulnerabilities (CVE)