CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-6649

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.0710%
EPSS Percentile16.79th
Published2014年9月23日
Last Modified2026年5月6日

Vulnerability Description

The MyBroadband Tapatalk (aka com.tapatalk.mybroadbandcozavb) application 3.9.22 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected Platforms (CPE)

📦
Mybroadband

Mybroadband Tapatalk

= 3.9.22

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/582497
🔗 http://www.kb.cert.org/vuls/id/916369
🔗 https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing
🔗 http://www.kb.cert.org/vuls/id/582497
🔗 http://www.kb.cert.org/vuls/id/916369
🔗 https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing

関連する脆弱性情報

CVE-2014-845410.0

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows at...

CVE-2014-845510.0

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows at...

CVE-2014-844710.0

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-845610.0

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code...