CVE-2014-6661

The netease movie (aka com.netease.movie) application 4.7.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Published : 2014-09-23 10:55 Updated : 2014-09-26 15:55

5.4
CVSS Score More info
Score 5.4 / 10
5.4
Vendor Product Version URI
163 Netease Movie 4.7.2 cpe:/a:163:netease_movie:4.7.2::~~~android~~
  1. 163 (1) Search CVE
    1. Netease Movie (1) Search CVE
      1. 4.7.2

CWE

ID Name Description Links
CWE-310 Cryptographic Issues Weaknesses in this category are related to the use of cryptography. CVE

History of changes

Date Event
2014-09-23 10:55

New CVE