SSL Certificate Verification Flaw in Foxit MobilePDF for Android
CVE-2014-6853

Currently unrated

Key Information:

Vendor

Foxit
Status
Foxit MobilePDF - PDF Reader
Vendor
CVE Published:
1 October 2014

What is CVE-2014-6853?

The Foxit MobilePDF application for Android, version 2.2.0.0616, presents a vulnerability by failing to correctly validate X.509 certificates from SSL servers. This oversight permits man-in-the-middle attackers to execute spoofing attacks, thereby gaining access to sensitive information that is meant to be securely transmitted. Users of the affected application are at risk, as the lack of proper certificate verification allows harmful actors to impersonate legitimate servers using crafted certificates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/715905
third-party-advisoryx_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/582497
third-party-advisoryx_refsource_CERT-VN
https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJ...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.