Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 3.2.1  Security Vulnerabilities
CVE-2011-3918
The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service (reboot loop) via a crafted application.
CVSS Score
7.8
EPSS Score
0.101
Published
2012-10-07
CVE-2012-4016
The ATOK application before 1.0.4 for Android allows remote attackers to read the learning information file, and obtain sensitive input-string information, via a crafted application.
CVSS Score
4.3
EPSS Score
0.003
Published
2012-09-28
CVE-2012-4017
The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.
CVSS Score
4.3
EPSS Score
0.003
Published
2012-09-28
CVE-2012-4903
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4906.
CVSS Score
5.0
EPSS Score
0.002
Published
2012-09-13
CVE-2012-4904
Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal XSS (UXSS)" attacks against the current tab.
CVSS Score
4.3
EPSS Score
0.002
Published
2012-09-13
CVE-2012-4905
Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)."
CVSS Score
4.3
EPSS Score
0.009
Published
2012-09-13
CVE-2012-4906
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4903.
CVSS Score
5.0
EPSS Score
0.082
Published
2012-09-13
CVE-2012-4907
Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page.
CVSS Score
9.3
EPSS Score
0.004
Published
2012-09-13
CVE-2012-4908
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.
CVSS Score
7.5
EPSS Score
0.036
Published
2012-09-13
CVE-2012-4909
Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application.
CVSS Score
4.3
EPSS Score
0.046
Published
2012-09-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved