49 matches found
CVE-2016-0818
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...
CVE-2016-0818
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...
Design/Logic Flaw
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...
UBUNTU-CVE-2016-0818
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...
CVE-2016-0818
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...
CVE-2016-0818
The CVE affects Conscrypt’s TrustManagerImpl on Android, where caching mishandles the distinction between an intermediate CA and a trusted root CA. Affected: Android/Conscrypt versions: 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01. Impact: enables MITM by exploiting an int...
Google Nexus Conscrypt Man-in-the-Middle Attack Vulnerability
Google Nexus is a series of smart devices based on the Android operating system developed by the U.S. company Google Google, including cell phones and tablet computers. The smart device by Google to provide technology and authorize the cooperation of hardware manufacturers for production and...
CVE-2016-0818
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...
CVE-2015-3837
CVE-2015-3837 affects Android’s OpenSSLX509Certificate class (org/conscrypt/OpenSSLX509Certificate.java) in builds prior to 5.1.1 LMY48I. The root cause is improper inclusion of certain context data during serialization and deserialization, enabling a malicious local application to trigger code e...