subject:"\[FD\] \[CVE\-2018\-5258\] Neon 1.6.14 for iOS Missing SSL Certificate Validation"

Re: [FD] [CVE-2018-5258] Neon 1.6.14 for iOS Missing SSL Certificate Validation

2018-01-16 Thread Rodrigo Menezes

The three events listed with dates from January, 2017 on the "Timeline" section actually occurred on January, 2018. This is the correct timeline: - [2017-12-30] First attempt to contact the vendor (no response). - [2018-01-06] Second attempt to contact the vendor. The vendor aff

[FD] [CVE-2018-5258] Neon 1.6.14 for iOS Missing SSL Certificate Validation

2018-01-16 Thread Rodrigo Menezes

Title Neon 1.6.14 for iOS Missing SSL Certificate Validation Date 2018-01-15 Author Rodrigo Laneth Twitter: @rlaneth CVE-ID CVE-2018-5258 Vendor Banco Neon S.A. Software Neon https://itunes.apple.com/app/neon/id1127