This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Concursive First view 2014-10-19
Product Vermont Powder Last view 2014-10-19
Version 4.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software android  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:concursive:vermont_powder

Activity : Overall

Related : CVE

  Date Alert Description
5.4 2014-10-19 CVE-2014-7358

The Vermont Powder (aka com.concursive.vermontpowder) application 4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-310 Cryptographic Issues