CVE-2007-5778

Опубликовано: 01 нояб. 2007

Источник: nvd

CVSS3: 7.5

CVSS2: 6.4

EPSS Низкий

Описание

Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.

Ссылки

http://osvdb.org/43625
Broken Link
http://osvdb.org/43626
Broken Link
http://securityreason.com/securityalert/3333
Broken Link
http://www.airscanner.com/security/07101401_mobilespy.htm
Broken Link
http://www.informit.com/articles/article.aspx?p=1077909
Third Party Advisory
http://www.securityfocus.com/archive/1/482663/100/0/threaded
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/26177
Broken Link
Third Party Advisory
VDB Entry
http://osvdb.org/43625
Broken Link
http://osvdb.org/43626
Broken Link
http://securityreason.com/securityalert/3333
Broken Link
http://www.airscanner.com/security/07101401_mobilespy.htm
Broken Link
http://www.informit.com/articles/article.aspx?p=1077909
Third Party Advisory
http://www.securityfocus.com/archive/1/482663/100/0/threaded
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/26177
Broken Link
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:flexispy:mobile_spy:-:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00242

Низкий

7.5 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-vrfc-3whc-j2hq