This thread was migrated from an old forum. It may contain information that is no longer valid. For further assistance, please post a new question or open a support ticket from the Customer Support portal.
Issue in our Application during Vulnerability Assessment Scan:
It is possible to cause the application to disclose information contained within other memory structures of the application. This ability, if further exploited, could lead to any and all sensitive information stored on the heap being sent to the user and may lead to a complete compromise of the affected system.
Explanation
A determined attacker may be able to use this vulnerability to retrieve sensitive information from system memory.
Recommendation
Ensure the application sanitizes input in order to minimize the chance of exploitation.
Tips
Exploitation details are highly dependent on the specific application and platform.
References
Keep Sensitive Information in RAM for a Short Time: http://www.androidsecurity.guru/keep-sensitive-information-in-ram-for-a-short-time/
Guideline 2-3: Consider purging highly sensitive data from memory after use: http://www.oracle.com/technetwork/java/seccodeguide-139067.html#2