Title
Neon 1.6.14 for iOS Missing SSL Certificate Validation
Date
2018-01-15
Author
Rodrigo Laneth
Twitter: @rlaneth
CVE-ID
CVE-2018-5258
Vendor
Banco Neon S.A.
Software
Neon
https://itunes.apple.com/app/neon/id1127
issue is being investigated by the
app's development team, not providing any new information.
- [2018-01-15] Full disclosure.
A corrected version of the advisory will be sent to the list. I apologize for
the mistake.
On Mon, 15 Jan 2018 04:29:54 -0200 Ro
Title
Neon 1.6.14 for iOS Missing SSL Certificate Validation
Date
2018-01-15
Author
Rodrigo Laneth
Twitter: @rlaneth
CVE-ID
CVE-2018-5258
Vendor
Banco Neon S.A.
Software
Neon
https://itunes.apple.com/app/neon/id1127
---
> On 2016-01-08 00:50:51 -0200, Rodrigo Menezes wrote:
>
> > Many of us have now been long aware of the possibility of
> > programming an USB device to emulate a keyboard and automatically
> > send keystrokes in order to perform malicious actions on a
Many of us have now been long aware of the possibility of programming an USB
device to emulate a keyboard and automatically send keystrokes in order to
perform malicious actions on a computer. Some of the most interesting payloads
that can be used with this technique are based around downloading
