Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4009

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-4009
Last Modified 19 Jun 2013 12:00:00
Published 31 Aug 2012 10:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4009

Summary

The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.

Vulnerable Systems

Application

  • Cybozu Live 1.0.4


References

CONFIRM - http://magazine.cybozulive.com/2012/08/291200.html

JVNDB - JVNDB-2012-000082

JVN - JVN#77393797


Last Updated: 27 May 2016 11:00:26