Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-08-29 | CVE-2012-3979 | Remote Code Execution vulnerability in Mozilla Firefox Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function. | 6.8 |
| 2012-08-21 | CVE-2012-4168 | Information Exposure vulnerability in Adobe Air, AIR SDK and Flash Player Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different domain via a crafted web site. | 4.3 |
| 2012-08-17 | CVE-2012-4007 | Information Exposure vulnerability in Mixi The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comments on an SD card. | 4.3 |
| 2012-08-17 | CVE-2012-4006 | Information Exposure vulnerability in multiple products The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus application before 1.3.5, GREE haconiwa application before 1.1.0, GREE Seisen Cerberus application before 1.1.0, and KDDI&GREE GREE Market application before 2.1.2 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 4.3 |
| 2012-07-16 | CVE-2012-2645 | Information Exposure vulnerability in Yahoo Yahoo! Browser 1.2.0 The Yahoo! Japan Yahoo! Browser application 1.2.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 4.3 |
| 2012-07-05 | CVE-2012-2640 | Permissions, Privileges, and Access Controls vulnerability in Yomecolle NEC Biglobe Yome Collection The NEC BIGLOBE Yome Collection application 1.8.3 and earlier for Android allows remote attackers to read the IMEI value from an SD card via a crafted application that lacks the READ_PHONE_STATE permission. | 5.0 |
| 2012-06-15 | CVE-2012-2635 | Information Exposure vulnerability in Dolphin-Browser Dolphin Browser HD and Dolphin for PAD The Dolphin Browser HD application before 7.6 and Dolphin for Pad application before 1.0.1 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 4.3 |
| 2012-05-21 | CVE-2012-1249 | Information Exposure vulnerability in Lunascape Ilunascape Android 1.0.4.0 The iLunascape application 1.0.4.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive stored information via a crafted application. | 5.0 |
| 2012-04-22 | CVE-2012-1243 | Information Exposure vulnerability in Studiohitori Twitrocker2 Android The TwitRocker2 application before 1.0.23 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 5.0 |
| 2012-03-17 | CVE-2012-0326 | Permissions, Privileges, and Access Controls vulnerability in Tetsuya Aoyama Twicca The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application. | 5.0 |