PT-2019-7247 · Unity · Unity Web Player
Published
2019-07-29
·
Updated
2019-08-01
·
CVE-2015-9288
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Unity Web Player versions 4.6.6f1 and earlier, 5.x before 5.0.3f2
Description
The issue allows attackers to read messages or access online services via a victim's credentials.
Recommendations
For Unity Web Player versions 4.6.6f1 and earlier, update to version 4.6.6f2 or later.
For Unity Web Player 5.x before 5.0.3f2, update to version 5.0.3f2 or later.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unity Web Player