Interior Design For Android SSL certificate verification Security Bypass Vulnerability
Release date:
Updated on:
Affected Systems:
Interior Design For Android
Description:
Bugtraq id: 70674
CVE (CAN) ID: CVE-2014-7618
Interior Design for Android Interior Design Android applications.
Interior Design 1.0 and other versions do not correctly verify the X.509 Certificate of the SSL server. The security restriction bypass vulnerability exists in the implementation, which allows man-in-the-middle attackers to construct the certificate, spoof the server and obtain sensitive information.
<* Source: Will Dormann
Link: http://www.kb.cert.org/vuls/id/582497
*>
Suggestion:
Vendor patch:
Interior Design For Android
---------------------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit? Usp = sharing
This article permanently updates the link address: