Adding CVE's for MTC Category: Embedding malicious code within app in encrypted or obfuscated form, then decrypting or deobfuscating and executing at runtime to evade app vetting. #215
Threat ID:
If the comment is specific to a given threat, provide the ID for that threat. Otherwise, leave this blank.
Type of Comment: T
Enter the letter that best describes the nature of your comment
E - Editorial comments (e.g. spelling, grammar, or formatting)
G - General comments on how information has been presented (e.g. format, organization, phrasing, diction, or terminology)
T - Technical comments on what information has been presented (e.g. correctness of facts, validity of any assumptions or conclusions, level of detail, or contextual relevance)
Proposed Change: Add CVE's to given MTC Category
With as much detail as possible, what change should be made.
Justification: Need CVE's to be used as examples for this threat in the MTC.
Provide reasoning as to why the proposed change is necessary. For technical comments, providing references to supporting sources is encouraged.
General Comment
Threat ID: If the comment is specific to a given threat, provide the ID for that threat. Otherwise, leave this blank.
Type of Comment: T Enter the letter that best describes the nature of your comment
Proposed Change: Add CVE's to given MTC Category With as much detail as possible, what change should be made.
Justification: Need CVE's to be used as examples for this threat in the MTC. Provide reasoning as to why the proposed change is necessary. For technical comments, providing references to supporting sources is encouraged.