Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from ClientLogin, which allows remote attackers to gain privileges and access private pictures and web albums by sniffing the token from connections with picasaweb.google.com.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Picasa加密问题漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。 Android 3.0和2.x至2.3.4版本中的Android Picasa在传输从ClientLogin获得的authToken时使用明文HTTP会话。远程攻击者可通过与picasaweb.google.com的链接嗅探令牌获得特权并访问私人图片和web相册。
CVSS Information
N/A
Vulnerability Type
N/A