Vulnerabilities > Amazon > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-15 | CVE-2017-6189 | Untrusted Search Path vulnerability in Amazon Kindle for PC 1.17.44183/1.3.0.30884 Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer. | 7.3 |
| 2012-11-04 | CVE-2012-5817 | Improper Certificate Validation vulnerability in multiple products Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | 7.4 |