CVE-2007-5778
HIGHMobile Spy - Cleartext Storage of Sensitive Information in Registry and HTTP Traffic
Title source: llmDescription
Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.
References (7)
Core 7
Core References
Broken Link, Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/482663/100/0/threaded
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/43625
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26177
Third Party Advisory x_refsource_misc
http://www.informit.com/articles/article.aspx?p=1077909
Broken Link x_refsource_misc
http://www.airscanner.com/security/07101401_mobilespy.htm
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/43626
Broken Link third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3333
Scores
CVSS v3
7.5
EPSS
0.0119
EPSS Percentile
63.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-312
Status
published
Products (1)
flexispy/mobile_spy
Published
Nov 01, 2007
Tracked Since
Feb 18, 2026