20 matches found
EUVD-2012-3961
Malware in sbrugna...
EUVD-2013-2252
Malware in sbrugna...
EUVD-2014-5209
Malware in sbrugna...
CVE-2013-2306
The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to spoof the address bar via a crafted web site...
CVE-2014-5318
The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code...
Code injection
The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code...
CVE-2014-5318
The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code...
jigbrowser+ for iOS same origin policy bypass
Overview jigbrowser+ for iOS contains a flaw in loading web pages, which may allow an attacker to bypass the same origin policy. Toshiharu Sugiyama of DeNA Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
JVN#80531230: jigbrowser+ for iOS same origin policy bypass
jigbrowser+ for iOS contains a flaw in loading web pages, which may allow an attacker to bypass the same origin policy. Impact By using JavaScript, an attacker may obtain sensitive data from a different domain in violation of the same origin policy. Solution Update the Software Update to the late...
Chrome for Android Update Patches URL Spoofing Bug
The latest update to Chrome on Android – pushed yesterday – fixes two bugs, including a critical flaw in the browser that could have let an attacker trick a user into visiting a malicious site. The problem, marked high priority by Google, was discovered by Japanese app developer Keita Haga. The...
CVE-2013-2306
The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to spoof the address bar via a crafted web site...
Open redirect
The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to spoof the address bar via a crafted web site...
CVE-2013-2306
The CVE-2013-2306 vulnerability affects jigbrowser+ for Android prior to version 1.6.4. The issue arises when opening a new window, which allows remote attackers to spoof the address bar via a crafted web site, enabling phishing-like deception by forging the displayed URL. Public references consi...
jigbrowser+ for Android vulnerable to address bar spoofing
Overview jigbrowser+ for Android contains an issue when opening a new window, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact Th...
JVN#01313594: jigbrowser+ for Android vulnerable to address bar spoofing
jigbrowser+ for Android contains an issue when opening a new window, which may result in the address bar being spoofed. Impact This vulnerability could be leveraged to forge the contents of the address bar for conducting phishing attacks. Solution Update the software Update to the latest version...
CVE-2012-4017
The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application...
CVE-2012-4017
The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application...
CVE-2012-4017
CVE-2012-4017 : jigbrowser+ for Android is vulnerable before version 1.5.0 due to improper WebView handling. A crafted Android app can cause information disclosure from the WebView, enabling remote attackers to obtain sensitive data. Mitigation: update to the latest software per developer guidanc...
jigbrowser+ for Android vulnerable in the WebView class
Overview jigbrowser+ for Android contains a vulnerability in the WebView class. jigbrowser+ is a web browser for a smartphone. jigbrowser+ for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/...
JVN#86318665: jigbrowser+ for Android vulnerable in the WebView class
jigbrowser+ is a web browser for a smartphone. jigbrowser+ for Android contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Update the software Updat...