CVE-2016-6231

https://notcve.org/view.php?id=CVE-2016-6231

Kaspersky Safe Browser iOS before 1.7.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. Kaspersky Safe Browser iOS en versiones anteriores a 1.7.0 no verifica certificados X.509 de servidores SSL lo que permite a atacantes man-in-the-middle obtener información sensible a través de un certificado manipulado. • http://seclists.org/fulldisclosure/2016/Aug/30 http://www.info-sec.ca/advisories/Kaspersky-Safe-Browser.html http://www.securityfocus.com/archive/1/539071/100/0/threaded http://www.securityfocus.com/bid/92200 https://support.kaspersky.com/vulnerability.aspx?el=12430#280716 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •