What is CVE-2013-4787?

CVE-2013-4787 is a vulnerability in Google Android, classified under Cryptographic Issues. Published 2013-07-09.

Is CVE-2013-4787 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Google Android

CVE-2013-4787

Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not viol…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.526 (98.0th percentile) — read the EPSS interpretation.

Affected products

Google Android — versions 1.6, 2.0, 2.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

60952 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
94773 (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_MISC)

Frequently asked questions

What is CVE-2013-4787?: CVE-2013-4787 is a vulnerability in Google Android, classified under Cryptographic Issues. Published 2013-07-09.
Is CVE-2013-4787 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.