CVE-2013-7144

2014-08-1601:00:00

jpcert

www.cve.org

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

27.0%

JSON

LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

References

www.thaicert.or.th/papers/general/2013/pa2013ge010.html