CVE-2014-5076

Labanquepostale < 3.2 - Information Disclosure

Title source: rule
STIX 2.1

Description

The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.

References (1)

Core 1
Core References

Scores

EPSS 0.0100
EPSS Percentile 58.5%

Details

CWE
CWE-200
Status published
Products (1)
labanquepostale/labanquepostale < 3.2
Published Sep 02, 2014
Tracked Since Feb 18, 2026