Box.net Affected

Notified:  September 21, 2007 Updated: September 23, 2007

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

eBay Unknown

Notified:  September 06, 2007 Updated: September 06, 2007

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Google Affected

Updated:  November 04, 2008

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Some Google services may be offered over encrypted https connections. See http://mail.google.com/support/bin/answer.py?answer=8155&topic=1560&security=1&ctx=security and https://mail.google.com/support/bin/answer.py?hl=en&answer=74765 for more information. Administrators of Google Apps for their domains may be able to require that their users connect via SSL connections.

Microsoft Corporation Affected

Updated:  September 06, 2007

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

See http://lc1.law13.hotmail.passport.com/cgi-bin/dasp/ua_info.asp?pg=ssl&_lang=EN for more details.

MySpace.com Unknown

Notified:  September 05, 2007 Updated: September 05, 2007

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

salesforce.com Not Affected

Updated:  September 12, 2007

Status

Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

See https://na1.salesforce.com/help/doc/en/salesforce_security_cheatsheet.pdf for information on how to require that users connect via https.

Yahoo, Inc. Affected

Updated:  September 01, 2007

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

See http://security.yahoo.com/ for more details.

Zoho Affected

Notified:  September 21, 2007 Updated: September 23, 2007

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.