Required CVE Record Information
Description
The Manager in Eye-Fi 1.1.2 generates predictable snonce values based on the time of day, which allows remote attackers to bypass authentication and upload arbitrary images by guessing the snonce.
References 5 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- securityfocus.com: 28085 vdb-entryx_transferred
- securityfocus.com: 20080303 Airscanner Mobile Security Advisory #07122001: Eye-Fi Multiple Vulnerabilities mailing-listx_transferred
- secunia.com: 29221 third-party-advisoryx_transferred
- osvdb.org: 42719 vdb-entryx_transferred
- http://www.informit.com/articles/article.aspx?p=1177111&seqNum=2 x_transferred