Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4012

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4012
Last Modified 10 Sep 2012 12:00:00
Published 08 Sep 2012 06:28:21
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4012

Summary

The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.

Vulnerable Systems

Application

  • Cybozu Kunai 2.0.5


References

JVNDB - JVNDB-2012-000084

JVN - JVN#59652356

CONFIRM - http://cs.cybozu.co.jp/information/20120910up02.php


Last Updated: 27 May 2016 11:00:32