CVE-2012-4918

Published: Jan 22, 2013Modified: Apr 29, 2026

5.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability: 8.6 / Impact: 4.9

Source: NVD

Description

Call of Duty Elite for iOS 2.0.1 does not properly validate the server SSL certificate, which allows remote attackers to obtain sensitive information via a Man-in-the-Middle (MITM) attack.

Affected (1)

Products: Activision: Call Of Duty Elite

Activision

1 product

Call Of Duty Elite

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Activision Call Of Duty Elite	Version 2.0.1

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://osvdb.org/89070

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/51366

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://www.securityfocus.com/bid/57225

Source: PSIRT-CNA@flexerasoftware.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/81116

Source: PSIRT-CNA@flexerasoftware.com

http://osvdb.org/89070

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/51366

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/57225

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/81116

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.