5 matches found
CVE-2014-7042
The My nTelos aka com.telespree.ntelospostpay application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: nTelos Wireless has indicated that this...
Design/Logic Flaw
The My nTelos aka com.telespree.ntelospostpay application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: nTelos Wireless has indicated that this...
CVE-2014-7042
The My nTelos aka com.telespree.ntelospostpay application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: nTelos Wireless has indicated that this...
CVE-2014-7042
The CVE refers to the My nTelos (com.telespree.ntelospostpay) Android app, version 1.1.2, which does not verify X.509 certificates from SSL servers, enabling MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. This is the concrete vulnerability described ac...
PT-2014-7717 · Ntelos · Ntelos
Name of the Vulnerable Software and Affected Versions: My nTelos application version 1.1.2 Description: The application does not verify X.509 certificates from SSL servers, allowing man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...