BID:51690

360Safe 360 KouXin Remote Unauthorized Access Vulnerability

Info

360Safe 360 KouXin Remote Unauthorized Access Vulnerability

Bugtraq ID:	51690
Class:	Design Error
CVE:	CVE-2011-4772
Remote:	Yes
Local:	No
Published:	Jan 26 2012 12:00AM
Updated:	Jan 26 2012 12:00AM
Credit:	Daoyuan Wu, Xiapu Luo and Rocky K. C. Chang Department of Computing, The Hong Kong Polytechnic University, Hong Kong
Vulnerable:	360Safe 360 KouXin 1.5.3

Not Vulnerable:

Discussion

360Safe 360 KouXin Remote Unauthorized Access Vulnerability

360 KouXin is prone to a remote unauthorized access vulnerability.

An attacker can exploit this issue to access and manipulate userâ??s sensitive contacts and SMS messages.

360 KouXin 1.5.3 is affected; other versions may also be vulnerable.

Exploit / POC

360Safe 360 KouXin Remote Unauthorized Access Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

360Safe 360 KouXin Remote Unauthorized Access Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

360Safe 360 KouXin Remote Unauthorized Access Vulnerability

References:

360 KouXin Homepage (360 KouXin)
Vulnerability in 360 KouXin for Android (360 KouXin)