MidnightBSD

Advisories for rediff

CVE-2006-6838 HIGH

Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rediff bol_downloader_activex_ocx_control *
CVE-2019-11836 LOW

The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for Android has cleartext mail content in file storage, persisting after a logout.

CVSS 2.0

Severity: LOW

Problem Type: CWE-311,

Products Affected

Vendor Product Version
rediff rediffmail 2.2.6