3 matches found
CVE-2018-13434
An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The LAContext class for Biometric TouchID validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechanism is not used. ...
PT-2018-11821 · Line · Line
Name of the Vulnerable Software and Affected Versions: LINE application version 8.8.0 for iOS Description: An issue in the LINE application allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechanism is...
PT-2018-11092 · Dropbox · Dropbox
Name of the Vulnerable Software and Affected Versions: com.getdropbox.Dropbox app version 100.2 for iOS Description: An issue in the LAContext class for Biometric TouchID validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the...