jigbrowser+ for Android 'WebView' Class Information Disclosure Vulnerability
BID:58801
Info
jigbrowser+ for Android 'WebView' Class Information Disclosure Vulnerability
| Bugtraq ID: | 58801 |
| Class: | Design Error |
| CVE: |
CVE-2012-4017 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 28 2012 12:00AM |
| Updated: | Sep 28 2012 12:00AM |
| Credit: | Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. |
| Vulnerable: |
Jig.jp co jigbrowser+ 1.1.1 |
| Not Vulnerable: |
Jig.jp co jigbrowser+ 1.5.0 |
Discussion
jigbrowser+ for Android 'WebView' Class Information Disclosure Vulnerability
jigbrowser+ for Android is prone to an information-disclosure vulnerability.
Remote attackers can exploit this issue to gain access to sensitive information. This may aid in further attacks.
Versions prior to jigbrowser+ 1.5.0 are vulnerable.
jigbrowser+ for Android is prone to an information-disclosure vulnerability.
Remote attackers can exploit this issue to gain access to sensitive information. This may aid in further attacks.
Versions prior to jigbrowser+ 1.5.0 are vulnerable.
Exploit / POC
jigbrowser+ for Android 'WebView' Class Information Disclosure Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
jigbrowser+ for Android 'WebView' Class Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
jigbrowser+ for Android 'WebView' Class Information Disclosure Vulnerability
References:
References: