CVE-2012-6334
Summary
| CVE | CVE-2012-6334 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-12-31 11:50:28 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer." |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
AdjacentAccess Complexity
MediumAuthentication
NoneConfidentiality
NoneIntegrity
PartialAvailability
NoneAV:A/AC:M/Au:N/C:N/I:P/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Samsung | Galaxy Note 2 | - | All | All | All |
| Hardware | Samsung | Galaxy S | - | All | All | All |
| Hardware | Samsung | Galaxy S2 | - | All | All | All |
| Application | Samsung | Samsungdive | - | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| GPS based tracking service provided by Samsung vulnerable to thieves - Hacking News | af854a3a-2127-422b-91ae-364da2661108 | thehackernews.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.