Lucene search
K

9 matches found

Prion
Prion
added 2017/09/26 2:29 p.m.15 views

Design/Logic Flaw

Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted certificate...

4.3CVSS6.3AI score0.00828EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/09/26 2:29 p.m.16 views

CVE-2015-0874

Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted certificate...

5.9CVSS5.3AI score0.00828EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/09/26 2:0 p.m.22 views

CVE-2015-0874

Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted certificate...

5.3AI score0.00828EPSS
Exploits0References3
CVE
CVE
added 2017/09/26 2:0 p.m.48 views

CVE-2015-0874

CVE-2015-0874 affects Smartphone Passbook 1.0.0, which fails to verify X.509 certificates from SSL servers. This allows a man-in-the-middle to eavesdrop on encrypted communications via a crafted certificate, as described in multiple sources (NVD/National CVE record and JVN entries). The practical...

5.9CVSS5.2AI score0.00828EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2015/02/21 12:0 a.m.3 views

Ogaki Kyoritsu bank Smartphone Passbook Security Bypass Vulnerability

Ogaki Kyoritsu bank Smartphone Passbook is a suite of mobile banking passbook applications from Ogaki Kyoritsu Bank Corporation in Japan. A security bypass vulnerability exists in Ogaki Kyoritsu bank Smartphone Passbook, which can be exploited by remote attackers to conduct man-in-the-middle...

5.9CVSS6.9AI score0.00828EPSS
Exploits0References1
CNVD
CNVD
added 2015/02/21 12:0 a.m.3 views

Ogaki Kyoritsu bank Smartphone Passbook for Android Information Disclosure Vulnerability

Ogaki Kyoritsu bank Smartphone Passbook is a suite of mobile banking passbook applications from Ogaki Kyoritsu Bank Corporation in Japan. Ogaki Kyoritsu bank Smartphone Passbook fails to securely create log files containing sensitive data, allowing an attacker to exploit vulnerabilities to obtain...

1.8CVSS6.8AI score0.00401EPSS
Exploits0References1
CVE
CVE
added 2015/02/15 2:0 a.m.51 views

CVE-2015-0875

The Ogaki Kyoritsu Bank Smartphone Passbook for Android (Ver. 1.0.0) creates log files that contain user input data, enabling reading of sensitive information by anyone with access to the log. Multiple sources (NVD/CNVD/JVN) document an information-disclosure vulnerability arising from logging us...

1.8CVSS6.1AI score0.00401EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/02/13 5:32 a.m.3 views

Smartphone Passbook fails to verify SSL server certificates

Overview Smartphone Passbook provided by Ogaki Kyoritsu bank Ltd. fails to verify SSL server certificates. Hiroshi Kumagai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow...

5.9CVSS6.5AI score0.00828EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/02/13 12:0 a.m.34 views

JVN#14522790: Smartphone Passbook fails to verify SSL server certificates

Smartphone Passbook provided by Ogaki Kyoritsu bank Ltd. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by...

5.9CVSS5.5AI score0.00828EPSS
Exploits0
Rows per page
Query Builder