Vulnerability Details CVE-2014-5076
The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.0%
CVSS Severity
CVSS v2 Score 4.3
Products affected by CVE-2014-5076
-
cpe:2.3:a:labanquepostale:labanquepostale:3.2