CVE-2013-6986

Sažetak

The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements.

Reference

http://archives.neohapsis.com/archives/bugtraq/2013-12/0040.html
http://osvdb.org/100745
http://packetstormsecurity.com/files/124330/ZippyYum-3.4-Insecure-Data-Storage.html
http://seclists.org/fulldisclosure/2013/Dec/39

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

20-12-2013 - 04:38

Objavljeno

12-12-2013 - 17:55