OpenSSLX509CertificateChecker 1.0.12 [free]

Report a new version

Description

This app verifies if your device is still vulnerable to CVE-2015-3825 / CVE-2015-3837 aka "One Class to Rule Them All", by checking if it contains the vulnerable conscrypt's OpenSSLX509Certificate class. A patch was released in August 2015 by Google. CVE-2015-3825 / CVE-2015-3837 is a code execution vulnerability discovered by Or Peles & Roee Hay, which allows for malware to takeover your device. It's due to a deserialization vulnerability in the OpenSSLX509Certificate class. The vulnerability was first published in USENIX WOOT '15: https://www.usenix.org/conference/woot15/workshop-program/presentation/peles. A video demo of successful exploitation of this vulnerability is available here: https://www.youtube.com/watch?v=VekzwVdwqIY It will also be presented in RSA Conference 2016: https://www.rsaconference.com/events/us16/agenda/sessions/2455/android-serialization-vulnerabilities-revisited

les anciennes versions

09/28/2022: OpenSSLX509CertificateChecker 1.0.12
Report a new version

Internet	Allows to access internet network.
Access network state	Allows to access information about networks.
Wake lock	Allows using PowerManager WakeLocks to keep processor from sleeping or screen from dimming.

Free Download

Télécharger par QR Code

Nom du logiciel: OpenSSLX509CertificateChecker
Logiciel Catégorie: Outils
Code: roeeh.conscryptchecker
La dernière version: 1.0.12
Exigence: {S} ou supérieur
Taille du fichier : 1.74 MB
Mettre à jour temps: 2022-09-28

OpenSSLX509CertificateChecker 1.0.12 [free]

Description

les anciennes versions

Permissions list

Report a new version

Report

Request an application