ID CVE-2012-5456
Summary The Zoner AntiVirus Free application for Android does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, as demonstrated by a server used for updating virus signature files.
References
Vulnerable Configurations
  • cpe:2.3:a:zoner:zoner_antivirus_free:-:-:*:*:*:android:*:*
  • cpe:2.3:a:zoner:zoner_antivirus_free:1.7.0:-:*:*:*:android:*:*
CVSS
Base: 4.3 (as of 22-11-2021 - 15:53)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
  Vector: NETWORK
  Complexity: MEDIUM
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: PARTIAL
  Availability: NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 56292
misc http://www2.dcsec.uni-hannover.de/files/android/p50-fahl.pdf
xf zoner-android-spoofing(79591)
Last major update 22-11-2021 - 15:53
Published 24-10-2012 - 17:55
Last modified 22-11-2021 - 15:53