Vulnerabilities > CVE-2016-10630 - Cryptographic Issues vulnerability in Install-G-Test Project Install-G-Test

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

NVD

Published: 2018-06-01

Updated: 2019-10-09

Summary

install-g-test downloads resources over HTTP, which leaves it vulnerable to MITM attacks.

Part	Description	Count
Application	Install-G-Test_Project Install G Test Project Install G Test 1.0.0 Install G Test Project Install G Test 2.0.7 Install G Test Project Install G Test 2.0.8 Install G Test Project Install G Test 2.0.9 Install G Test Project Install G Test 2.0.10 Install G Test Project Install G Test 2.0.11 Install G Test Project Install G Test 2.0.12	7

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.