Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-3975
HistoryOct 03, 2011 - 3:55 p.m.

CVE-2011-3975

2011-10-0315:55:01
CWE-200
[email protected]
web.nvd.nist.gov
17
htc
android
security vulnerability
cve-2011-3975
sensitive information disclosure
nvd
htcloggers.apk

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

JSON

A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers from a log, and other sensitive information, by leveraging the android.permission.INTERNET application permission and establishing TCP sessions to 127.0.0.1 on port 65511 and a second port.

Affected configurations

NVD
Node
googleandroidMatch2.3.4
AND
htcevo_3d
OR
htcevo_4g
OR
htcthunderbolt

Related

prion 1
cvelist 1
nvd 1
prion
prion
Code injection
2011-10-03 15:55:00
cvelist
cvelist
CVE-2011-3975
2011-10-03 15:00:00
nvd
nvd
CVE-2011-3975
2011-10-03 15:55:01

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

JSON
Related for CVE-2011-3975
prion1cvelist1nvd1