Vendor

Gannett

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	CVSS	Published	Description
CVE-2014-7129	Gannett Argus Leader Print Edition	—	Oct 19, 2014	The Argus Leader Print Edition (aka com.argusleader.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7122	Gannett Lansing State Journal Print	—	Oct 19, 2014	The Lansing State Journal Print (aka com.lansingjournal.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6842	Gannett Daily Advertiser Print	—	Sep 30, 2014	The Daily Advertiser Print (aka com.lafayettedailyadv.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-7129Oct 19, 2014
Gannett
Argus Leader Print Edition
risk 0.00cvss —epss 0.00
The Argus Leader Print Edition (aka com.argusleader.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-7122Oct 19, 2014
Gannett
Lansing State Journal Print
risk 0.00cvss —epss 0.00
The Lansing State Journal Print (aka com.lansingjournal.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-6842Sep 30, 2014
Gannett
Daily Advertiser Print
risk 0.00cvss —epss 0.00
The Daily Advertiser Print (aka com.lafayettedailyadv.android.prod) application 6.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.