Disney
Products
5- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12085 | Cri | 0.59 | 9.0 | 0.02 | Nov 7, 2017 | An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability. | ||
| CVE-2014-5849 | 0.00 | — | 0.00 | Sep 9, 2014 | The Maleficent Free Fall (aka com.disney.maleficent_goo) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||
| CVE-2014-5607 | 0.00 | — | 0.00 | Sep 9, 2014 | The Where's My Water? Free (aka com.disney.WMWLite) application 1.9.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||
| CVE-2014-5606 | 0.00 | — | 0.00 | Sep 9, 2014 | The Where's My Perry? Free (aka com.disney.WMPLite) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||
| CVE-1999-1009 | 0.00 | — | 0.01 | Dec 12, 1999 | The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. |
- risk 0.59cvss 9.0epss 0.02
An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route a packet to any arbitrary Circle device. An attacker needs network connectivity to the Internet to trigger this vulnerability.
- CVE-2014-5849Sep 9, 2014risk 0.00cvss —epss 0.00
The Maleficent Free Fall (aka com.disney.maleficent_goo) application 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2014-5607Sep 9, 2014risk 0.00cvss —epss 0.00
The Where's My Water? Free (aka com.disney.WMWLite) application 1.9.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2014-5606Sep 9, 2014risk 0.00cvss —epss 0.00
The Where's My Perry? Free (aka com.disney.WMPLite) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-1999-1009Dec 12, 1999risk 0.00cvss —epss 0.01
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.