CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-6939

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.0080%
EPSS Percentile1.33th
Published2014年10月11日
Last Modified2026年5月6日

Vulnerability Description

The Sketch W Friends FREE -Tablets (aka air.com.xlabz.SketchWFriendsFree) application 5.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected Platforms (CPE)

📦
Xlabz

Sketch W Friends Free Tablets

= 5.0.0

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/556625
🔗 http://www.kb.cert.org/vuls/id/582497
🔗 https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing
🔗 http://www.kb.cert.org/vuls/id/556625
🔗 http://www.kb.cert.org/vuls/id/582497
🔗 https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing

相關漏洞威脅

CVE-2014-052610.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052710.0

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows at...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052910.0

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to ex...