Vigil@nce - Android ESET Mobile Security & Antivirus: one vulnerability
August 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use a vulnerability of Android ESET Mobile
Security & Antivirus.
Impacted products: Android Applications not comprehensive.
Severity: 2/4.
Creation date: 10/06/2016.
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Android ESET Mobile
Security & Antivirus.
An attacker can intercept unprotected or wrongly protected network
communications, notably WiFi ones, for instance to corrupt ou
remove signature databases. Typically TLS is not used or the
server authentication is incomplete (incomplete certificate
validation for instance). [severity:2/4]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Android-ESET-Mobile-Security-Antivirus-one-vulnerability-19867