Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2640

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-2640
Last Modified 17 Jul 2012 12:00:00
Published 05 Jul 2012 01:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2640

Summary

The NEC BIGLOBE Yome Collection application 1.8.3 and earlier for Android allows remote attackers to read the IMEI value from an SD card via a crafted application that lacks the READ_PHONE_STATE permission.

Vulnerable Systems

Application

  • Yomecolle Nec Biglobe Yome Collection 1.8.3


References

CONFIRM - http://yomecolle.jp/info/android_oshirase/

CONFIRM - http://www.nec.co.jp/security-info/secinfo/nv12-008.html

JVNDB - JVNDB-2012-000064

JVN - JVN#05102851

CONFIRM - http://jvn.jp/en/jp/JVN05102851/995355/index.html


Last Updated: 27 May 2016 10:56:36