Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof Feed and Schedule data by creating a modified blocks_v4.json file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google I/O 2017 application for Android 安全漏洞
Vulnerability Description
Google I/O 2017 application for Android是美国谷歌(Google)公司开发的一款基于Android平台的Google年度I/O大会的会议管理应用程序。 基于Android平台的Google I/O 2017应用程序5.1.4之前的版本中存在安全漏洞,该漏洞源于程序不需SSL便可从http://storage.googleapis.com中下载多个.json文件。攻击者可通过创建已更改的blocks_v4.json文件利用该漏洞实施中间人攻击,伪造Feed和Schedu
CVSS Information
N/A
Vulnerability Type
N/A