Description
The Tiny Tower (aka com.mobage.ww.a560.tinytower_android) application 1.7.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2014-5705 | The Tiny Tower (aka com.mobage.ww.a560.tinytower_android) application 1.7.0.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
References
History
No history.
Status: PUBLISHED
Assigner: certcc
Published:
Updated: 2024-08-06T11:55:50.164Z
Reserved: 2014-08-30T00:00:00.000Z
Link: CVE-2014-5818
No data.
Status : Modified
Published: 2014-09-09T10:55:14.647
Modified: 2026-06-17T00:12:08.223
Link: CVE-2014-5818
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD