Amazon Kindle for Android CVE-2014-3908 SSL Certificate Validation Security Bypass Vulnerability
BID:69492
Info
Amazon Kindle for Android CVE-2014-3908 SSL Certificate Validation Security Bypass Vulnerability
| Bugtraq ID: | 69492 |
| Class: | Design Error |
| CVE: |
CVE-2014-3908 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 29 2014 12:00AM |
| Updated: | Aug 29 2014 12:00AM |
| Credit: | Hiroshi Tokumaru of HASH Consulting Corp. |
| Vulnerable: |
Amazon Kindle for Android 0 |
| Not Vulnerable: |
Amazon Kindle for Android 4.5 |
Solution / Fix
Amazon Kindle for Android CVE-2014-3908 SSL Certificate Validation Security Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Amazon Kindle for Android CVE-2014-3908 SSL Certificate Validation Security Bypass Vulnerability
References:
References:
- Amazon Kindle for Android - Homepage (Amazon)
- JVN#17637243 Kindle App for Android fails to verify SSL server certificates (Hiroshi Tokumaru)