Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1938

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-1938
Last Modified 07 Mar 2011 10:08:16
Published 25 Apr 2008 02:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1938

Summary

Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certificates, which allows remote attackers to obtain sensitive information and conduct spoofing attacks.

Vulnerable Systems

Application

  • Sony Mylo Com 2 1.001

  • Sony Mylo Com 2 1.100


References

XF - sony-mylo-ssl-spoofing(41971)

VUPEN - ADV-2008-1349

BID - 28905

SECUNIA - 29928

CONFIRM - http://mylo.nccl.sony.co.jp/hotnews/2008/04/01/index.html

CONFIRM - http://mylo.nccl.sony.co.jp/download/M-W002-001-02/index.html

JVN - JVN#76788395

CONFIRM - http://esupport.sony.com/perl/news-item.pl?news_id=262&mdl=COM2


Last Updated: 27 May 2016 10:47:42