CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8068
https://notcve.org/view.php?id=CVE-2014-8068
Adobe Digital Editions (DE) 4 does not use encryption for transmission of data to adelogs.adobe.com, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by book-navigation information. Adobe Digital Editions (DE) 4 no utiliza la codificación para la transmisión de datos a adelogs.adobe.com, lo que permite a atacantes remotos obtener información sensible mediante la captura de trafico de la red, tal y como fue demostrado por la información de la navegación por libros. • http://arstechnica.com/security/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text http://secunia.com/advisories/61551 http://the-digital-reader.com/2014/10/06/adobe-spying-users-collecting-data-ebook-libraries http://twitter.com/AdobeSecurity/statuses/519826275008282624 https://exchange.xforce.ibmcloud.com/vulnerabilities/97696 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1017
https://notcve.org/view.php?id=CVE-2002-1017
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code. • http://online.securityfocus.com/archive/1/285093 http://www.iss.net/security_center/static/9740.php http://www.securityfocus.com/bid/5358 •