BID:53173

TwitRocker2 CVE-2012-1243 Information Disclosure Vulnerability

Info

TwitRocker2 CVE-2012-1243 Information Disclosure Vulnerability

Bugtraq ID:	53173
Class:	Design Error
CVE:	CVE-2012-1243
Remote:	Yes
Local:	No
Published:	Apr 20 2012 12:00AM
Updated:	Apr 20 2012 12:00AM
Credit:	Gaku Mochizuki
Vulnerable:	Studio Hitori TwitRocker2 1.0.22

Not Vulnerable:	Studio Hitori TwitRocker2 1.0.23

Discussion

TwitRocker2 CVE-2012-1243 Information Disclosure Vulnerability

TwitRocker2 is prone to an information-disclosure vulnerability.

Attackers can exploit these issues to gain access to sensitive information that may aid in further attacks.

Versions prior to TwitRocker2 1.0.23 are vulnerable.

Exploit / POC

TwitRocker2 CVE-2012-1243 Information Disclosure Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

TwitRocker2 CVE-2012-1243 Information Disclosure Vulnerability

Solution:
Vendor updates are available. Please see the references for more information.

References

TwitRocker2 CVE-2012-1243 Information Disclosure Vulnerability

References:

TwitRocker2 (Android version) vulnerable in the WebView class (JVN)
TwitRocker2 (Android version) vulnerable in the WebView class (JVN)
TwitRocker2 Android Page (Andoird)
TwitRocker2 Homepage (Studio Hitori)