CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-4009

The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.7%

CVSS Severity

CVSS v2 Score 6.8

References

http://jvn.jp/en/jp/JVN77393797/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000082
http://magazine.cybozulive.com/2012/08/291200.html
http://jvn.jp/en/jp/JVN77393797/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000082
http://magazine.cybozulive.com/2012/08/291200.html

Products affected by CVE-2012-4009

Cybozu » Cybozu Live » Version: 1.0.4

cpe:2.3:a:cybozu:cybozu_live:1.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4009

Products

Pricing

Contact Us