CVE-2013-4872 Information

Description

Google Glass before XE6 does not properly restrict the processing of QR codes which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a crafted symbol as demonstrated by selecting a Wi-Fi access point in order to conduct a man-in-the-middle attack.

Reference

https://blog.lookout.com/blog/2013/07/17/hacking-the-internet-of-things-for-good/ https://exchange.xforce.ibmcloud.com/vulnerabilities/85804