SSL Certificate Validation Flaw in CamScanner Application for Android
CVE-2014-5645

Currently unrated

Key Information:

Vendor

Intsig

Status
Camscanner -phone PDF Creator
Vendor
CVE Published:
9 September 2014

What is CVE-2014-5645?

The CamScanner - Phone PDF Creator app for Android version 3.4.0.20140624 suffers from a lack of validation for X.509 certificates from SSL servers. This defect allows attackers to execute man-in-the-middle attacks, potentially leading to sensitive information being compromised through a fraudulent certificate. Users of this application should be aware of the risks associated with using the app and consider updating to a secure version or alternative solutions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/171097
third-party-advisoryx_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/582497
third-party-advisoryx_refsource_CERT-VN
https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJ...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.