Computer Security
[EN] securityvulns.ru no-pyccku


MercadoLibre missing SSL certificate checks
Published:01.12.2014
Source:
SecurityVulns ID:14123
Type:remote
Threat Level:
5/10
Affected:MERCADOLIBRE : MercadoLibre 3.8
CVE:CVE-2014-5658 (The MercadoLibre (aka com.mercadolibre) application 3.8.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.)
Original documentdocumentPrograma STIC, Missing SSL certificate validation in MercadoLibre app for Android [STIC-2014-0211] (01.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod