RSS   Vulnerabilities for 'Dailyfinance - stocks & news'   RSS

2014-09-08
 
CVE-2014-5570

CWE-310
 

 
The DailyFinance - Stocks & News (aka com.aol.mobile.dailyFinance) application 2.0.2.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

 

 >>> Vendor: AOL 17 Products
Instant messenger
Aol server
Aol client software
AOL
Ygp screensaver activex control
Ygp pic downloader activex control
ICQ
Aim lite
Aim pro
Radio
Aolmediaplaybackcontrol
Ygp piceditor activex control
Internet software
Sb.superbuddy.1 active x control
Aolserver
AIM
Dailyfinance - stocks & news


Copyright 2018, cxsecurity.com

 

Back to Top