[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-1938Date: (C)2008-04-25   (M)2023-12-22


Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certificates, which allows remote attackers to obtain sensitive information and conduct spoofing attacks.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.4
Exploit Score: 10.0
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-28905
SECUNIA-29928
ADV-2008-1349
JVN#76788395
http://esupport.sony.com/perl/news-item.pl?news_id=262&mdl=COM2
http://mylo.nccl.sony.co.jp/download/M-W002-001-02/index.html
http://mylo.nccl.sony.co.jp/hotnews/2008/04/01/index.html
sony-mylo-ssl-spoofing(41971)

CWE    1
CWE-287

© SecPod Technologies