A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
http://www.modzero.ch/modlog/archives/2013/05/28/htcs_e-mail_client_fails_to_verify_server_certificates/ | Third Party Advisory |
https://vuldb.com/?id.8900 | Permissions Required Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
01 Jun 2022, 16:25
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.9 |
CWE | CWE-295 | |
References | (MISC) https://vuldb.com/?id.8900 - Permissions Required, Third Party Advisory | |
References | (MISC) http://www.modzero.ch/modlog/archives/2013/05/28/htcs_e-mail_client_fails_to_verify_server_certificates/ - Third Party Advisory | |
First Time |
Htc
Htc sense Htc sdk Api Htc mail Htc one X Htc one Sv |
|
CPE | cpe:2.3:a:htc:mail:5.2.2222282614.528614.528614:*:*:*:*:*:*:* cpe:2.3:h:htc:one_x:4.1.1:*:*:*:*:android:*:* cpe:2.3:a:htc:sdk_api:4.63:*:*:*:*:*:*:* cpe:2.3:a:htc:sdk_api:4.25:*:*:*:*:*:*:* cpe:2.3:a:htc:mail:5.5.550363:*:*:*:*:*:*:* cpe:2.3:h:htc:sense:4.1:*:*:*:*:*:*:* cpe:2.3:h:htc:sense:4\+:*:*:*:*:*:*:* cpe:2.3:h:htc:one_sv:4.0.4:*:*:*:*:android:*:* |
17 May 2022, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-17 08:15
Updated : 2023-12-10 14:22
NVD link : CVE-2013-10001
Mitre link : CVE-2013-10001
CVE.ORG link : CVE-2013-10001
JSON object : View
Products Affected
htc
- sense
- sdk_api
- one_sv
- one_x
CWE
CWE-295
Improper Certificate Validation