EUVD-2013-5563

Malware in sbrugna...

CVE-2013-5726

Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of 1 follow or 2 favorite actions, which allows remote attackers to automatically force the user to perform undesired actions, as demonstrated via the tweetbot:///follow/ URL...

CVE-2013-5726

Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of 1 follow or 2 favorite actions, which allows remote attackers to automatically force the user to perform undesired actions, as demonstrated via the tweetbot:///follow/ URL...

Design/Logic Flaw

Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of 1 follow or 2 favorite actions, which allows remote attackers to automatically force the user to perform undesired actions, as demonstrated via the tweetbot:///follow/ URL...

CVE-2013-5726

Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of 1 follow or 2 favorite actions, which allows remote attackers to automatically force the user to perform undesired actions, as demonstrated via the tweetbot:///follow/ URL...

CVE-2013-5726

Tweetbot 1.3.3 for Mac and 2.8.5 for iPad/iPhone expose a vulnerability via the tweetbot:/// URL scheme that does not require user confirmation for follow or favorite actions. This design allows remote attackers to trigger actions on behalf of the user without prompts, effectively forcing undesir...

Tweetbot Lack Of User Confirmation

Affected Vendor: http://tapbots.com/ - Affected Software: Tweetbot for Mac, iPad and iPhone - Affected Version: Mac: 1.3.3 - iPad: 2.8.5 - iPhone: 2.8.5 - Issue Type: Lack of user confirmation leading to Twitter action revealing the user's Twitter identity - Release Date: November 1, 2013 -...