EUVD-2012-1262

Malware in sbrugna...

EUVD-2012-0364

Malware in sbrugna...

CVE-2012-1236

Multiple cross-site request forgery CSRF vulnerabilities in Janetter before 3.3.0.0 aka 3.3.0 allow remote attackers to hijack the authentication of arbitrary users for requests that 1 tweet, 2 upload an image file, or 3 execute arbitrary commands...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Janetter before 3.3.0.0 aka 3.3.0 allow remote attackers to hijack the authentication of arbitrary users for requests that 1 tweet, 2 upload an image file, or 3 execute arbitrary commands...

CVE-2012-0328

Janetter before 3.3.0.0 aka 3.3.0 allows remote attackers to obtain session information for twitter.com web sites via unspecified vectors...

Session fixation

Janetter before 3.3.0.0 aka 3.3.0 allows remote attackers to obtain session information for twitter.com web sites via unspecified vectors...

CVE-2012-1236

CVE-2012-1236 relates to CSRF vulnerabilities in Janetter before 3.3.0.0 (aka 3.3.0). The issue allows remote attackers to hijack user authentication to perform actions such as tweeting, uploading an image, or executing commands. Affected product: Janetter client software for Twitter (Windows and...

CVE-2012-1236

Multiple cross-site request forgery CSRF vulnerabilities in Janetter before 3.3.0.0 aka 3.3.0 allow remote attackers to hijack the authentication of arbitrary users for requests that 1 tweet, 2 upload an image file, or 3 execute arbitrary commands...

CVE-2012-0328

Janetter before 3.3.0.0 aka 3.3.0 allows remote attackers to obtain session information for twitter.com web sites via unspecified vectors...

CVE-2012-0328

CVE-2012-0328 affects Janetter, a Twitter client, where Janetter before version 3.3.0.0 is vulnerable to information disclosure. When a malicious page is opened in a browser while Janetter is in use, session information used to communicate with Twitter may be disclosed to an attacker via unspecif...

Janetter vulnerable to cross-site request forgery

Overview Janetter contains a cross-site request forgery vulnerability. Janetter is a client software for using Twitter. Janetter contains a cross-site request forgery vulnerability. Kazuhiko Kusano of Graduate School of Information Sciences, Tohoku University reported this vulnerability to IPA...

Janetter vulnerable to information disclosure

Overview Janetter contains an information disclosure vulnerability. Janetter is a client software for using Twitter. Janetter contains an information disclosure vulnerability. Kazuhiko Kusano of Graduate School of Information Sciences, Tohoku University reported this vulnerability to IPA. JPCERT/...

JVN#10745573: Janetter vulnerable to information disclosure

Janetter is a client software for using Twitter. Janetter contains an information disclosure vulnerability. Impact When a malicious page is opened with a web browser while Janetter is being used, session information used to communicate with Twitter may be disclosed. Solution Update the software...

JVN#83459967: Janetter vulnerable to cross-site request forgery

Janetter is a client software for using Twitter. Janetter contains a cross-site request forgery vulnerability. Impact When a malicious page is opened with a web browser while Janetter is being used, the user may be impersonated to post tweets, upload local image files, and OS commands may be...