Hirotaka Niisato

**Name of the Vulnerable Software and Affected Versions** netprint App for iOS versions 3.2.3 and earlier **Description** The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate because the netprint App for iOS does not verify X.509 certificates from servers. **Recommendations** For versions 3.2.3 and earlier, consider disabling the use of X.509 certificates until a patch is available that properly verifies these certificates from servers.

**Name of the Vulnerable Software and Affected Versions** kantan netprint App for iOS versions 2.0.2 and earlier **Description** The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate because the kantan netprint App for iOS does not verify X.509 certificates from servers. **Recommendations** For versions 2.0.2 and earlier, update to a version that verifies X.509 certificates from servers to prevent man-in-the-middle attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** kantan netprint App for Android versions 2.0.3 and earlier **Description** The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate because the kantan netprint App for Android does not verify X.509 certificates from servers. **Recommendations** For versions 2.0.3 and earlier, consider disabling the use of X.509 certificates until a patch is available that properly verifies these certificates. At the moment, there is no information about a newer version that contains a fix for this vulnerability.