4 matches found
EUVD-2016-3859
Malware in sbrugna...
Amazon Linux AMI : mysql56 (ALAS-2016-701)
A double-free flaw was found in the way OpenSSL parsed certain malformed DSA Digital Signature Algorithm private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. CVE-2016-0705 T...
CVE-2014-7698
The Xinhua International aka org.xinhua.xnewsinternational application 5.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The SongPop aka air.com.freshplanet.games.WaM application 1.21.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...