8 matches found
Malicious code in kdrive-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e7d5af5ddf22d4481fca4847a45189e6160a723341b32dcbb6bf51b49f53943 package.json declares a preinstall lifecycle script that auto-executes on npm install and runs wget -q -O-...
EUVD-2013-5829
Malware in sbrugna...
CVE-2013-5999
Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2013-5999
Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2013-5999
Kingsoft KDrive Personal for Windows is affected by CVE-2013-5999 where the product fails to verify SSL server certificates, enabling potential MITM eavesdropping. Affected versions include 1.21.0.1878 and earlier, with the 1.21.0.1880 threshold mentioned in the CVE description; the root cause is...
KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates
Overview KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates. Yamano Yasuaki of NetAgent Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-mindd...
JVN#97810280: KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates
KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by th...