12 matches found
EUVD-2013-5231
Malware in sbrugna...
CVE-2020-4229
IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate session cookies when a user logs out of a session, which could allow another user to gain unauthorized access to a user's session. IBM X-Force ID: 175211...
Security Bulletin: Vulnerability in Apache Cordova affects IBM Worklight, IBM Mobile Foundation and IBM MobileFirst Platform Foundation (CVE-2015-5204)
Summary Apache Cordova File Transfer Plugin for Android is vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will all...
Security Bulletin: Vulnerabilities in Dojo Toolkit affect IBM Worklight and IBM MobileFirst Platform Foundation (CVE-2014-8917)
Summary There are cross-site scripting vulnerabilities in the Dojo Toolkit that is used by IBM Worklight and IBM MobileFirst Platform Foundation. Vulnerability Details CVEID: CVE-2014-8917 DESCRIPTION: IBM Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of...
Security Bulletin: IBM Mobile Foundation, IBM Worklight, and IBM Worklight Foundation are affected by the following Apache Cordova vulnerabilities: CVE-2014-3500, CVE-2014-3501 and CVE-2014-3502
Summary Apache Cordova, which is used by these products, is vulnerable to Cross-Application Scripting XAS and Data Exfiltration vulnerabilities. A remote attacker might exploit these vulnerabilities to expose sensitive data from the mobile application. Vulnerability Details CVEID: CVE-2014-3500...
Security Bulletin: IBM Worklight and IBM Mobile Foundation application authenticity bypass (CVE-2014-0888)
Summary IBM Worklight and IBM Mobile Foundation application authenticity verification can be bypassed under certain conditions. Vulnerability Details CVEID: CVE-2014-0888 DESCRIPTION: The application authenticity feature in IBM Worklight and IBM Mobile Foundation enables the Worklight server to...
Security Bulletin: IBM Worklight Android Pseudo Random Number Generator Weakness (CVE-2013-5391)
Summary Android applications that use Java Cryptography Architecture for key generation, signing or random number generation might not receive cryptographically strong values due to improper initialization of the underlying Pseudo Random Number Generator. Vulnerability Details CVEID: CVE-2013-539...
IBM Worklight and Mobile Foundation Weak Password Vulnerability
IBM Worklight and Mobile Foundation are both products of IBM Corporation in the U.S. IBM Worklight is a suite of integrated development environments IDEs for developing, testing, running, and managing mobile applications.Mobile Foundation is a suite of software for rapidly creating mobile and...
Input validation
IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by...
CVE-2013-5391
IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by...
CVE-2013-5391
IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by...
CVE-2013-5391
CVE-2013-5391 affects IBM Worklight and Mobile Foundation on Android, where improper initialization of the PRNG and use of the Java Cryptography Architecture in Worklight programs can weaken cryptographic protection. Affected products include IBM Worklight Consumer/Enterprise Editions 5.0.x prior...