Описание
Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.
Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-5778
- http://osvdb.org/43625
- http://osvdb.org/43626
- http://securityreason.com/securityalert/3333
- http://www.airscanner.com/security/07101401_mobilespy.htm
- http://www.informit.com/articles/article.aspx?p=1077909
- http://www.securityfocus.com/archive/1/482663/100/0/threaded
- http://www.securityfocus.com/bid/26177
Связанные уязвимости
Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.