4 matches found
Hidden Object Mystery Society - Customized SSL, Dangerous filesystem permissions, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application Hidden Object Mystery Society published at the 'play' market has multiple vulnerabilities...
Time Gap Hidden Object Mystery - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Time Gap Hidden Object Mystery published at the 'play' market has multiple vulnerabilities...
CVE-2014-5542
The Hidden Object Mystery aka air.com.differencegames.hodetectivemysteryfree application 1.0.65 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5542
The CVE-2014-5542 entry applies to the Android app The Hidden Object Mystery (air.com.differencegames.hodetectivemysteryfree) v1.0.65, where the app does not verify X.509 SSL certificates. This prevents server authentication, enabling MITM attackers to spoof HTTPS servers and access sensitive dat...