CVE-2010-4832
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers to spoof trusted web sites via a web page containing references to external sources in which (1) the certificate of the last loaded resource is checked, instead of for the main page, or (2) later certificates are not checked when the HTTPS connection is reused.
Android OS anterior a 2.2 no muestra el certificado SSL correcto en ciertos casos, lo que podría permitir a atacantes remotos falsificar sitios web de confianza a través de una página web que contiene referencias a fuentes externas en las que (1) el certificado del último recurso cargado está comprobado, en lugar de para la página principal, o (2) certificados posteriores no están comprobados cuando la conexión HTTPS está reutilizada.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-09-02 CVE Reserved
- 2014-05-14 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=dba8cb76371960457e91b31fa396478f809a5a34 | X_refsource_misc | |
| http://jvn.jp/en/jp/JVN43105011/index.html | Third Party Advisory | |
| http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000053.html | Third Party Advisory | |
| https://gitorious.org/atrix-aosp/frameworks_base/commit/dba8cb76371960457e91b31fa396478f809a5a34 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | <= 2.1 Search vendor "Google" for product "Android" and version " <= 2.1" | - |
Affected
| ||||||
| Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | 1.0 Search vendor "Google" for product "Android" and version "1.0" | - |
Affected
| ||||||
| Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | 1.1 Search vendor "Google" for product "Android" and version "1.1" | - |
Affected
| ||||||
| Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | 1.5 Search vendor "Google" for product "Android" and version "1.5" | - |
Affected
| ||||||
| Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | 1.6 Search vendor "Google" for product "Android" and version "1.6" | - |
Affected
| ||||||
| Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | 2.0 Search vendor "Google" for product "Android" and version "2.0" | - |
Affected
| ||||||
| Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | 2.0.1 Search vendor "Google" for product "Android" and version "2.0.1" | - |
Affected
| ||||||