漏洞标题
N/A
漏洞描述信息
安卓应用《金钱预测》( Prior to v7.18.0) 、金钱预测给弘大银行 ( Prior to v1.2.0) 、金钱预测给日立金融网络银行 ( Prior to v1.2.0) 、金钱预测给日立金融网络银行( Prior to v1.4.0) 、金钱预测给现代东京证券 ( Prior to v1.4.0) 、金钱预测给东京银行 ( Prior to v1.3.0) 、金钱预测给YMFG ( Prior to v1.5.0) 、金钱预测给AppPass ( Prior to v7.18.3) 、金钱预测给au SMARTPASS ( Prior to v7.18.0) 、金钱预测给Chou Houdai ( Prior to v7.18.3) 由金钱预测公司提供的金钱预测,以及金钱预测给AppPass ( Prior to v7.18.3) 和au SMARTPASS ( Prior to v7.18.0) 的金钱预测,并未正确实现WebView类,这允许攻击者通过特别编写的应用来泄露设备存储的信息。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc. and Money Forward for AppPass (prior to v7.18.3), Money Forward for au SMARTPASS (prior to v7.18.0), Money Forward for Chou Houdai (prior to v7.18.3) provided by SOURCENEXT CORPORATION do not properly implement the WebView class, which allows an attacker to disclose information stored on the device via a specially crafted application.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款Money Forward和SOURCENEXT CORPORATION产品安全漏洞
漏洞描述信息
Android Apps Money Forward和SOURCENEXT CORPORATION Money Forward for AppPass等都是资金管理软件。Android Apps Money Forward是日本Money Forward公司的基于Android系统的财富管理应用程序。SOURCENEXT CORPORATION Money Forward for AppPass是日本SOURCENEXT CORPORATION公司的财富管理应用程序。 多款Money Forward和SO
CVSS信息
N/A
漏洞类别
信息泄露