Apple Music for Android CVE-2017-2387 Certificate Validation Information Disclosure Vulnerability



Apple Music for Android is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain sensitive information that may lead to further attacks.

Versions prior to Apple Music 2.0 running on Android version 4.3 and later are vulnerable.

Information

Bugtraq ID: 97390
Class: Input Validation Error
CVE: CVE-2017-2387

Remote: Yes
Local: No
Published: Apr 04 2017 12:00AM
Credit: David Coomber of Info-Sec.CA
Vulnerable: Apple Music 1.2.1
Apple Music 1.2.0
Apple Music 1.1.2
Apple Music 1.1.1
Apple Music 1.1.0
Apple Music 1.0.1
Apple Music 1.0.0
Apple Music 0.9.11
Apple Music 0.9.1


Not Vulnerable: Apple Music 2.0



Related Posts

Comments