Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a crafted symbol, as demonstrated by selecting a Wi-Fi access point in order to conduct a man-in-the-middle attack.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2013-07-18T14:00:00
Updated: 2024-08-06T16:59:40.617Z
Reserved: 2013-07-18T00:00:00
Link: CVE-2013-4872
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-07-18T16:51:40.160
Modified: 2017-08-29T01:33:40.810
Link: CVE-2013-4872
Redhat
No data.