The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.youtube.com/watch?v=MF9lrh1kpDs |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-09-02T10:00:00
Updated: 2024-08-06T11:34:37.432Z
Reserved: 2014-07-24T00:00:00
Link: CVE-2014-5076
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-09-02T10:55:04.637
Modified: 2024-11-21T02:11:22.317
Link: CVE-2014-5076
Redhat
No data.