CyberSec.Space Logo
Back to CVE Browser

CVE-2014-6649

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.0710%
EPSS Percentile16.79th
PublishedSep 23, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected Platforms (CPE)

πŸ“¦
Mybroadband

Mybroadband Tapatalk

= 3.9.22

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/582497
πŸ”— http://www.kb.cert.org/vuls/id/916369
πŸ”— https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing
πŸ”— http://www.kb.cert.org/vuls/id/582497
πŸ”— http://www.kb.cert.org/vuls/id/916369
πŸ”— https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing

Related Vulnerabilities

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052910.0

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to ex...

CVE-2014-049810.0

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Ma...

CVE-2014-718710.0

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a ...