CVE-2013-10001

A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:htc:mail:5.2.2222282614.528614.528614:*:*:*:*:*:*:*
OR cpe:2.3:a:htc:sdk_api:4.25:*:*:*:*:*:*:*
cpe:2.3:h:htc:one_sv:4.0.4:*:*:*:*:android:*:*
cpe:2.3:h:htc:sense:4.1:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:htc:mail:5.5.550363:*:*:*:*:*:*:*
OR cpe:2.3:a:htc:sdk_api:4.63:*:*:*:*:*:*:*
cpe:2.3:h:htc:one_x:4.1.1:*:*:*:*:android:*:*
cpe:2.3:h:htc:sense:4\+:*:*:*:*:*:*:*

History

21 Nov 2024, 01:48

Type Values Removed Values Added
References () http://www.modzero.ch/modlog/archives/2013/05/28/htcs_e-mail_client_fails_to_verify_server_certificates/ - Third Party Advisory () http://www.modzero.ch/modlog/archives/2013/05/28/htcs_e-mail_client_fails_to_verify_server_certificates/ - Third Party Advisory
References () https://vuldb.com/?id.8900 - Permissions Required, Third Party Advisory () https://vuldb.com/?id.8900 - Permissions Required, Third Party Advisory
CVSS v2 : 4.3
v3 : 5.9
v2 : 4.3
v3 : 4.8

Information

Published : 2022-05-17 08:15

Updated : 2024-11-21 01:48


NVD link : CVE-2013-10001

Mitre link : CVE-2013-10001

CVE.ORG link : CVE-2013-10001


JSON object : View

Products Affected

htc

  • one_sv
  • mail
  • one_x
  • sdk_api
  • sense
CWE
CWE-295

Improper Certificate Validation