9 matches found
EUVD-2014-5479
Malware in sbrugna...
LOVOO - Free Dating Chat - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application LOVOO - Free Dating Chat published at the 'play' market has multiple vulnerabilities...
Waplog Chat & Free Dating - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Waplog Chat & Free Dating published at the 'play' market has multiple vulnerabilities...
POF Free Dating App - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application POF Free Dating App published at the 'play' market has multiple vulnerabilities...
Date-me - Free Dating - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Date-me - Free Dating published at the 'play' market has multiple vulnerabilities...
iLove - Free Dating & Chat App - Customized SSL, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application iLove - Free Dating & Chat App published at the 'play' market has multiple vulnerabilities...
Design/Logic Flaw
The iLove - Free Dating & Chat App aka com.jestadigital.android.ilove application 1.3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5592
CVE-2014-5592 affects the Android app Free Dating Heart COL (com.choiceoflove.dating) version 2.6.1. The root cause is the app failing to verify X.509 certificates from SSL servers, allowing man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. T...
CVE-2014-5649
The CVE-2014-5649 entry concerns the iLove - Free Dating & Chat App (com.jestadigital.android.ilove) for Android, version 1.3.3, where the app does not verify X.509 certificates from SSL servers. This behaves as a certificate validation flaw that can let man-in-the-middle attackers spoof servers ...