FlickWnn for Android CVE-2013-2300 Information Disclosure Vulnerability

Bugtraq ID:	58777
Class:	Design Error
CVE:	CVE-2013-2300
Remote:	Yes
Local:	No
Published:	Mar 26 2013 12:00AM
Updated:	Mar 26 2013 12:00AM
Credit:	Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc
Vulnerable:	PM9 FlickWnn 2.02
Not Vulnerable:	PM9 FlickWnn 2.03

FlickWnn for Android CVE-2013-2300 Information Disclosure Vulnerability

FlickWnn for Android is prone to an information-disclosure vulnerability.

Successful exploits allow an attacker to gain access to sensitive information. Information obtained may aid in further attacks.

FlickWnn for Android 2.02 and prior are vulnerable.

FlickWnn for Android CVE-2013-2300 Information Disclosure Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious Android application.

FlickWnn for Android CVE-2013-2300 Information Disclosure Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

FlickWnn for Android CVE-2013-2300 Information Disclosure Vulnerability

References:

• FlickWnn Download Page (Google )
  
• OpenWnn/Flick support vulnerable to information disclosure (JPCERT )