![]() ![]() ![]() MITRE has assigned # CVE-2017-15882 to track this issue. ![]() The vendor has fixed this issue in v1.3.3.1 and users should install the latest version. While the file is digitally signed, it is not served over SSL and the application did not contain logic for checking if the provided file is very large. This can be exploited by an MITM attacker via intercepting and replacing this file. The Android application provided by Private Internet Access (PIA) VPN service can be crashed by downloading a large file containing a list of current VPN servers. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |