Rediff: Security Vulnerabilities
The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for Android has cleartext mail content in file storage, persisting after a logout.
CVSS Score
4.6
EPSS Score
0.0
Published
2019-05-09
The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments.
CVSS Score
7.5
EPSS Score
0.029
Published
2007-03-10
Rediff Bol Downloader ActiveX (OCX) control allows remote attackers to execute arbitrary files, and obtain sensitive information (usernames and pathnames), via a URL in the url vbscript parameter.
CVSS Score
7.5
EPSS Score
0.028
Published
2006-12-31
The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol 7.0 allows remote attackers to read the Windows Address Book via the FullAddressBook method.
CVSS Score
5.0
EPSS Score
0.004
Published
2005-09-08