Skip to main content

Candy Blast

1 CVEs product

Monthly

CVE-2014-5858 MEDIUM This Month

The Candy Blast (aka com.appgame7.candyblast) application 1.1.001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Candy Blast
NVD
CVSS 2.0
5.4
EPSS
0.1%
EPSS 0% CVSS 5.4
MEDIUM This Month

The Candy Blast (aka com.appgame7.candyblast) application 1.1.001 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Candy Blast
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy