X.509 Certificate Verification Flaw in Sortir en Alsace Application for Android
CVE-2014-6867

Currently unrated

Key Information:

Vendor

Sortir-en-alsace

Status
Sortir En Alsace
Vendor
CVE Published:
2 October 2014

What is CVE-2014-6867?

The Sortir en Alsace application (version 0.5b for Android) suffers from a security issue where it fails to correctly verify X.509 certificates presented by SSL servers. This oversight permits attackers to execute man-in-the-middle attacks by forging SSL certificates, potentially leading to the compromise of sensitive data exchanged between users and the application. By steering unsuspecting users to malicious servers appearing to be legitimate, attackers can harvest personal information and credentials.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/582497
third-party-advisoryx_refsource_CERT-VN
https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJ...
x_refsource_MISC
http://www.kb.cert.org/vuls/id/919361
third-party-advisoryx_refsource_CERT-VN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.