MidnightBSD

Advisories for islonline

CVE-2013-6237 LOW

The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
islonline isl_desktop_plugin *
islonline isl_desktop_plugin 1.3.3
islonline isl_desktop_plugin 1.4.1
islonline isl_light *
islonline isl_desktop_plugin 1.4.2
CVE-2014-5647 MEDIUM

The ISL Light Remote Desktop (aka com.islonline.isllight.mobile.android) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
islonline isl_light_remote_desktop 2.1.0