RSS   Vulnerabilities for 'Ithoughtshd'   RSS

2014-03-26
 
CVE-2014-1828

CWE-20
 

 
The iThoughts web server in the iThoughtsHD app 4.19 for iOS on iPad devices allows remote attackers to cause a denial of service (disk consumption) by uploading a large file.

 
 
CVE-2014-1827

CWE-20
 

 
The iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to upload arbitrary files by placing a %00 sequence after a dangerous extension, as demonstrated by a .html%00.txt file.

 
 
CVE-2014-1826

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name.

 


Copyright 2024, cxsecurity.com

 

Back to Top