CVE-2017-15582
N/A
N/A
Summary
In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://1337sec.blogspot.de/2017/10/auditing-writediarycom-cve-2017-15581.html
- https://gist.github.com/anonymous/603b89f864a71426042b167cab557efa
References
- https://1337sec.blogspot.de/2017/10/auditing-writediarycom-cve-2017-15581.html
- https://gist.github.com/anonymous/603b89f864a71426042b167cab557efa
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.