Vulnerabilites related to signal - private_messenger
Vulnerability from fkie_nvd
Published
2020-05-20 14:15
Modified
2024-11-21 05:34
Severity ?
Summary
Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/research/tra-2020-33 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/research/tra-2020-33 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| signal | private_messenger | * | |
| signal | signal | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:signal:private_messenger:*:*:*:*:*:android:*:*", matchCriteriaId: "6D4C2970-8FA4-4F09-B53F-43A89A1A0989", versionEndIncluding: "4.59.0", vulnerable: true, }, { criteria: "cpe:2.3:a:signal:signal:*:*:*:*:*:iphone_os:*:*", matchCriteriaId: "97DA7B29-5496-46D9-BDAC-F0295C01F720", versionEndIncluding: "3.8.1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.", }, { lang: "es", value: "Signal Private Messenger Android versiones v4.59.0 y superiores e iOS versiones v3.8.1.5 y superiores, permiten a alguien que no es contacto remoto llamar al teléfono Signal de la víctima y divulgar el servidor DNS usado actualmente debido al manejo de ICE Candidate antes de que la llamada sea contestada o rechazada.", }, ], id: "CVE-2020-5753", lastModified: "2024-11-21T05:34:32.410", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-20T14:15:11.673", references: [ { source: "vulnreport@tenable.com", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/research/tra-2020-33", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/research/tra-2020-33", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-670", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-10 17:29
Modified
2024-11-21 04:06
Severity ?
Summary
Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | http://www.securityfocus.com/bid/106207 | Broken Link, Third Party Advisory, VDB Entry | |
| talos-cna@cisco.com | https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106207 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| signal | private_messenger | 4.24.8 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:signal:private_messenger:4.24.8:*:*:*:*:android:*:*", matchCriteriaId: "407833ED-FFBA-4F3A-95A7-25377A0E0832", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Signal Messenger for Android 4.24.8 may expose private information when using \"disappearing messages.\" If a user uses the photo feature available in the \"attach file\" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.", }, { lang: "es", value: "Existe una vulnerabilidad de inyección de comandos explotable en la funcionalidad del servidor web de los productos Moxa NPort W2x50A con firmware en versiones anteriores a la 2.2 Build_18082311. Una petición HTTP POST especialmente manipulada en /goform/net_WebPingGetValue puede resultar en la ejecución de comandos del sistema operativo como usuario root. Esto es similar a CVE-2017-12120.", }, ], id: "CVE-2018-3988", lastModified: "2024-11-21T04:06:26.643", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "talos-cna@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-10T17:29:00.270", references: [ { source: "talos-cna@cisco.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106207", }, { source: "talos-cna@cisco.com", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106207", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656", }, ], sourceIdentifier: "talos-cna@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-05 02:15
Modified
2024-11-21 04:31
Severity ?
Summary
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.chromium.org/p/project-zero/issues/detail?id=1936 | Third Party Advisory | |
| cve@mitre.org | https://news.ycombinator.com/item?id=21161432 | Third Party Advisory | |
| cve@mitre.org | https://twitter.com/moxie/status/1180226374851710976 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/project-zero/issues/detail?id=1936 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://news.ycombinator.com/item?id=21161432 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://twitter.com/moxie/status/1180226374851710976 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| signal | private_messenger | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:signal:private_messenger:*:*:*:*:*:android:*:*", matchCriteriaId: "8838ED9C-7AAE-41A7-A8FF-4C5642252409", versionEndIncluding: "4.47.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs", }, { lang: "es", value: "** EN DISPUTA ** El componente WebRTC en la aplicación Signal Private Messenger versiones hasta 4.47.7 para Android, procesa paquetes RTP de videoconferencia antes de que una persona que llama elija responder una llamada, lo que podría hacer mas fácil para los atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado por medio de paquetes malformados. NOTA: el proveedor planea seguir con este comportamiento por razones de rendimiento a menos de que ocurra un cambio en el diseño de WebRTC.", }, ], id: "CVE-2019-17192", lastModified: "2024-11-21T04:31:50.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-05T02:15:11.377", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1936", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://news.ycombinator.com/item?id=21161432", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://twitter.com/moxie/status/1180226374851710976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1936", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://news.ycombinator.com/item?id=21161432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://twitter.com/moxie/status/1180226374851710976", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-670", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-05 02:15
Modified
2024-11-21 04:31
Severity ?
Summary
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.chromium.org/p/project-zero/issues/detail?id=1943 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://news.ycombinator.com/item?id=21161432 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://twitter.com/moxie/status/1180261210341511168 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/project-zero/issues/detail?id=1943 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://news.ycombinator.com/item?id=21161432 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://twitter.com/moxie/status/1180261210341511168 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| signal | private_messenger | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:signal:private_messenger:*:*:*:*:*:android:*:*", matchCriteriaId: "843D1ABD-4EB8-4BAF-987D-6A51D11C2C10", versionEndExcluding: "4.47.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping.", }, { lang: "es", value: "La aplicación Signal Private Messenger versiones anteriores a 4.47.7 para Android, permite a la persona que llama forzar una llamada para ser respondida, sin interacción del usuario llamado, por medio de un mensaje de conexión. La existencia de la llamada es notable para la persona que llama; sin embargo, el canal de audio puede estar abierto antes de que la persona que llama pueda bloquear las escuchas.", }, ], id: "CVE-2019-17191", lastModified: "2024-11-21T04:31:50.000", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-05T02:15:11.300", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1943", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://news.ycombinator.com/item?id=21161432", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://twitter.com/moxie/status/1180261210341511168", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://news.ycombinator.com/item?id=21161432", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://twitter.com/moxie/status/1180261210341511168", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-24 02:29
Modified
2024-11-21 04:52
Severity ?
Summary
Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/107550 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107550 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| signal | private_messenger | * | |
| signal | signal-desktop | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:signal:private_messenger:*:*:*:*:*:android:*:*", matchCriteriaId: "62886A5F-FA19-4E16-8E1E-195302310554", versionEndIncluding: "4.35.3", vulnerable: true, }, { criteria: "cpe:2.3:a:signal:signal-desktop:*:*:*:*:*:*:*:*", matchCriteriaId: "F7AB79BE-52F8-409C-99FA-BB273862CDB4", versionEndIncluding: "1.23.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.", }, { lang: "es", value: "Open Whisper Signal (también conocido como Signal-Desktop) hasta la versión 1.23.1, así como la aplicación Signal Private Messenger hasta la versión 4.35.3 para Android, son vulnerables a un ataque homógrafo IDN al mostrar mensajes que contienen URL. Esto ocurre debido a que la aplicación produce un enlace clicable incluso si, por ejemplo, existen caracteres latinos y cirílicos en el mismo nombre de dominio y la fuente disponible tiene una representación idéntica de caracteres de diferentes alfabetos.", }, ], id: "CVE-2019-9970", lastModified: "2024-11-21T04:52:42.287", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-24T02:29:00.670", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107550", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107550", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2019-9970
Vulnerability from cvelistv5
Published
2019-03-24 01:52
Modified
2024-08-04 22:10
Severity ?
EPSS score ?
Summary
Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/107550 | vdb-entry, x_refsource_BID | |
| https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:10:08.403Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "107550", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107550", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-25T19:14:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "107550", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107550", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9970", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and Cyrillic characters exist in the same domain name, and the available font has an identical representation of characters from different alphabets.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "107550", refsource: "BID", url: "http://www.securityfocus.com/bid/107550", }, { name: "https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt", refsource: "MISC", url: "https://github.com/blazeinfosec/advisories/blob/master/signal-advisory.txt", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9970", datePublished: "2019-03-24T01:52:33", dateReserved: "2019-03-23T00:00:00", dateUpdated: "2024-08-04T22:10:08.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-3988
Vulnerability from cvelistv5
Published
2018-12-10 17:00
Modified
2024-08-05 04:57
Severity ?
EPSS score ?
Summary
Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106207 | vdb-entry, x_refsource_BID | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:57:24.494Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "106207", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106207", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Signal", vendor: "n/a", versions: [ { status: "affected", version: "Signal Messenger Android 4.24.8", }, ], }, ], datePublic: "2018-12-10T00:00:00", descriptions: [ { lang: "en", value: "Signal Messenger for Android 4.24.8 may expose private information when using \"disappearing messages.\" If a user uses the photo feature available in the \"attach file\" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "privacy violation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-19T18:07:36", orgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", shortName: "talos", }, references: [ { name: "106207", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106207", }, { tags: [ "x_refsource_MISC", ], url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "talos-cna@cisco.com", ID: "CVE-2018-3988", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Signal", version: { version_data: [ { version_value: "Signal Messenger Android 4.24.8", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Signal Messenger for Android 4.24.8 may expose private information when using \"disappearing messages.\" If a user uses the photo feature available in the \"attach file\" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.", }, ], }, impact: { cvss: { baseScore: 3.3, baseSeverity: "Low", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "privacy violation", }, ], }, ], }, references: { reference_data: [ { name: "106207", refsource: "BID", url: "http://www.securityfocus.com/bid/106207", }, { name: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656", refsource: "MISC", url: "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", assignerShortName: "talos", cveId: "CVE-2018-3988", datePublished: "2018-12-10T17:00:00", dateReserved: "2018-01-02T00:00:00", dateUpdated: "2024-08-05T04:57:24.494Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-5753
Vulnerability from cvelistv5
Published
2020-05-20 13:40
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tenable.com/security/research/tra-2020-33 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Signal Private Messenger |
Version: Android versions v4.59.0 and up, iOS versions v3.8.1.5 and up |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:39:25.691Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/research/tra-2020-33", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Signal Private Messenger", vendor: "n/a", versions: [ { status: "affected", version: "Android versions v4.59.0 and up, iOS versions v3.8.1.5 and up", }, ], }, ], descriptions: [ { lang: "en", value: "Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.", }, ], problemTypes: [ { descriptions: [ { description: "Information Disclosure", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-20T13:40:19", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/research/tra-2020-33", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vulnreport@tenable.com", ID: "CVE-2020-5753", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Signal Private Messenger", version: { version_data: [ { version_value: "Android versions v4.59.0 and up, iOS versions v3.8.1.5 and up", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Information Disclosure", }, ], }, ], }, references: { reference_data: [ { name: "https://www.tenable.com/security/research/tra-2020-33", refsource: "MISC", url: "https://www.tenable.com/security/research/tra-2020-33", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2020-5753", datePublished: "2020-05-20T13:40:19", dateReserved: "2020-01-06T00:00:00", dateUpdated: "2024-08-04T08:39:25.691Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17192
Vulnerability from cvelistv5
Published
2019-10-05 01:13
Modified
2024-08-05 01:33
Severity ?
EPSS score ?
Summary
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs
References
| ▼ | URL | Tags |
|---|---|---|
| https://news.ycombinator.com/item?id=21161432 | x_refsource_MISC | |
| https://twitter.com/moxie/status/1180226374851710976 | x_refsource_MISC | |
| https://bugs.chromium.org/p/project-zero/issues/detail?id=1936 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:33:17.261Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://news.ycombinator.com/item?id=21161432", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://twitter.com/moxie/status/1180226374851710976", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1936", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-05T01:13:31", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://news.ycombinator.com/item?id=21161432", }, { tags: [ "x_refsource_MISC", ], url: "https://twitter.com/moxie/status/1180226374851710976", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1936", }, ], tags: [ "disputed", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-17192", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** DISPUTED ** The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via malformed packets. NOTE: the vendor plans to continue this behavior for performance reasons unless a WebRTC design change occurs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://news.ycombinator.com/item?id=21161432", refsource: "MISC", url: "https://news.ycombinator.com/item?id=21161432", }, { name: "https://twitter.com/moxie/status/1180226374851710976", refsource: "MISC", url: "https://twitter.com/moxie/status/1180226374851710976", }, { name: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1936", refsource: "MISC", url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1936", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17192", datePublished: "2019-10-05T01:13:31", dateReserved: "2019-10-05T00:00:00", dateUpdated: "2024-08-05T01:33:17.261Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17191
Vulnerability from cvelistv5
Published
2019-10-05 01:15
Modified
2024-08-05 01:33
Severity ?
EPSS score ?
Summary
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping.
References
| ▼ | URL | Tags |
|---|---|---|
| https://news.ycombinator.com/item?id=21161432 | x_refsource_MISC | |
| https://twitter.com/moxie/status/1180261210341511168 | x_refsource_MISC | |
| https://bugs.chromium.org/p/project-zero/issues/detail?id=1943 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:33:17.289Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://news.ycombinator.com/item?id=21161432", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://twitter.com/moxie/status/1180261210341511168", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1943", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-05T01:15:51", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://news.ycombinator.com/item?id=21161432", }, { tags: [ "x_refsource_MISC", ], url: "https://twitter.com/moxie/status/1180261210341511168", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1943", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-17191", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block eavesdropping.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://news.ycombinator.com/item?id=21161432", refsource: "MISC", url: "https://news.ycombinator.com/item?id=21161432", }, { name: "https://twitter.com/moxie/status/1180261210341511168", refsource: "MISC", url: "https://twitter.com/moxie/status/1180261210341511168", }, { name: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1943", refsource: "MISC", url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1943", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17191", datePublished: "2019-10-05T01:15:51", dateReserved: "2019-10-05T00:00:00", dateUpdated: "2024-08-05T01:33:17.289Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }