CVE-2013-4873
NONE EPSS 79.1%
Published Jul 18, 201312y ago · Modified Jun 16, 20262w ago
Published Jul 18, 2013 12y ago
Last Modified Jun 16, 2026 2w ago
Description
The Yahoo! Tumblr app before 3.4.1 for iOS sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.
Threat Intelligence
EPSS Exploit Probability
79.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-255
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| yahoo | tumblr | * | ≤3.4.0 |
References 5
- osvdb.org http://osvdb.org/95374
- staff.tumblr.com http://staff.tumblr.com/post/55648373578/important-security-update-for-iphone-ipad-users
- theregister.co.uk http://www.theregister.co.uk/2013/07/17/tumblr_ios_snafu_fixed/
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/85823
- itunes.apple.com https://itunes.apple.com/us/app/tumblr/id305343404
Remediation
- itunes.apple.com https://itunes.apple.com/us/app/tumblr/id305343404