7 matches found
EUVD-2018-19029
Malware in sbrugna...
A week in security (October 10 - 16)
Last week on Malwarebytes Labs: Teen talk: What it's like to grow up online, and the role of parents: Lock and Code S03E21 White House unveils Blueprint for an AI Bill of Rights Credential stuffers take aim at Final Fantasy XIV players Meta accuses apps of stealing WhatsApp accounts Smart lights...
Square Enix Final Fantasy XIV for Windows Man-in-the-Middle Attack Vulnerability
Square Enix Final Fantasy XIV for Windows is a Japanese role-playing game based on the Windwos platform by Square Enix. Square Enix's Final Fantasy XIV for Windows is a role-playing game based on the Windwos platform. A security vulnerability exists in the ffxivlauncher.exe file in versions 4.21...
Design/Logic Flaw
ffxivlauncher.exe in Square Enix Final Fantasy XIV 4.21 and 4.25 on Windows is affected by Improper Enforcement of Message Integrity During Transmission in a Communication Channel, allowing a man-in-the-middle attacker to steal user credentials because a session retrieves global.js via http befor...
CVE-2018-7295
ffxivlauncher.exe in Square Enix Final Fantasy XIV 4.21 and 4.25 on Windows is affected by Improper Enforcement of Message Integrity During Transmission in a Communication Channel, allowing a man-in-the-middle attacker to steal user credentials because a session retrieves global.js via http befor...
CVE-2018-7295
ffxivlauncher.exe in Square Enix Final Fantasy XIV 4.21 and 4.25 on Windows is affected by Improper Enforcement of Message Integrity During Transmission in a Communication Channel, allowing a man-in-the-middle attacker to steal user credentials because a session retrieves global.js via http befor...
CVE-2018-7295
The CVE affects ffxivlauncher.exe in Square Enix Final Fantasy XIV for Windows (versions 4.21 and 4.25). Root cause: Improper enforcement of message integrity during transmission in a communication channel, where a session retrieves global.js via http before proceeding to use https. This enables ...