Android SQLite Journal CVE-2011-3901 Information Disclosure Vulnerability
BID:53380
CVE-2011-3901 |Info
Android SQLite Journal CVE-2011-3901 Information Disclosure Vulnerability
| Bugtraq ID: | 53380 |
| Class: | Design Error |
| CVE: |
CVE-2011-3901 |
| Remote: | Yes |
| Local: | No |
| Published: | May 03 2012 12:00AM |
| Updated: | May 03 2012 12:00AM |
| Credit: | Roee Hay |
| Vulnerable: |
Open Handset Alliance Android 2.3.7 |
| Not Vulnerable: |
Open Handset Alliance Android 4.0.1 |
Discussion
Android SQLite Journal CVE-2011-3901 Information Disclosure Vulnerability
Android is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.
Android 2.3.7 is vulnerable; other versions may also be affected.
Android is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.
Android 2.3.7 is vulnerable; other versions may also be affected.
Exploit / POC
Android SQLite Journal CVE-2011-3901 Information Disclosure Vulnerability
A proof-of-concept is available. Please see the reference for more details.
A proof-of-concept is available. Please see the reference for more details.
Solution / Fix
Android SQLite Journal CVE-2011-3901 Information Disclosure Vulnerability
Solution:
Vendor updates are available. Please see the references for more information.
Solution:
Vendor updates are available. Please see the references for more information.
References
Android SQLite Journal CVE-2011-3901 Information Disclosure Vulnerability
References:
References:
- Android Homepage (Open Handset Alliance)
- Android SQLite Journal Information Disclosure (Roee Hay)
- Android SQLite Journal Information Disclosure (CVE-2011-3901) (Roee Hay)