Vulnerabilities > Google > Android > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-17 | CVE-2012-4007 | Information Exposure vulnerability in Mixi The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comments on an SD card. | 4.3 |
2012-08-17 | CVE-2012-4006 | Information Exposure vulnerability in multiple products The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus application before 1.3.5, GREE haconiwa application before 1.1.0, GREE Seisen Cerberus application before 1.1.0, and KDDI&GREE GREE Market application before 2.1.2 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 4.3 |
2012-07-16 | CVE-2012-2645 | Information Exposure vulnerability in Yahoo Yahoo! Browser 1.2.0 The Yahoo! Japan Yahoo! Browser application 1.2.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 4.3 |
2012-07-05 | CVE-2012-2640 | Permissions, Privileges, and Access Controls vulnerability in Yomecolle NEC Biglobe Yome Collection The NEC BIGLOBE Yome Collection application 1.8.3 and earlier for Android allows remote attackers to read the IMEI value from an SD card via a crafted application that lacks the READ_PHONE_STATE permission. | 5.0 |
2012-06-15 | CVE-2012-2635 | Information Exposure vulnerability in Dolphin-Browser Dolphin Browser HD and Dolphin for PAD The Dolphin Browser HD application before 7.6 and Dolphin for Pad application before 1.0.1 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 4.3 |
2012-05-21 | CVE-2012-1249 | Information Exposure vulnerability in Lunascape Ilunascape Android 1.0.4.0 The iLunascape application 1.0.4.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive stored information via a crafted application. | 5.0 |
2012-04-22 | CVE-2012-1243 | Information Exposure vulnerability in Studiohitori Twitrocker2 Android The TwitRocker2 application before 1.0.23 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. | 5.0 |
2012-03-17 | CVE-2012-0326 | Permissions, Privileges, and Access Controls vulnerability in Tetsuya Aoyama Twicca The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application. | 5.0 |
2012-03-05 | CVE-2012-0769 | Numeric Errors vulnerability in Adobe Flash Player and Flash Player for Android Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
2012-03-05 | CVE-2012-0322 | Permissions, Privileges, and Access Controls vulnerability in Estrongs ES File Explorer 1.6.0.2/1.6.1.1 The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for Android does not properly restrict access, which allows remote attackers to read arbitrary files via vectors involving an unspecified function. | 4.3 |