Man-in-the-Middle Vulnerability in Humor Ironias y Realidades for Android
CVE-2014-7743

Currently unrated

Key Information:

Vendor: Humor Ironias Y Realidades Project
Status: Humor Ironias Y Realidades
Vendor: CVE Published:; 21 October 2014

🔔 Create Humor Ironias Y Realidades Project Vulnerability Alert

What is CVE-2014-7743?

The Humor Ironias y Realidades application v0.63.13371.13576 for Android is susceptible to a security flaw where it fails to properly verify X.509 certificates when connecting to SSL servers. This lack of validation enables attackers to execute man-in-the-middle attacks, potentially allowing them to spoof legitimate servers and intercept sensitive user data via a maliciously crafted certificate. Users of the application should be aware of this vulnerability and take necessary precautions to protect their information.

References

http://www.kb.cert.org/vuls/id/331785

third-party-advisoryx_refsource_CERT-VN

http://www.kb.cert.org/vuls/id/582497

third-party-advisoryx_refsource_CERT-VN

https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJ...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2014
Vulnerability Reserved
Oct 3, 2014