Lucene search

MitreCVE-2011-4772

HistoryJan 25, 2012 - 4:03 a.m.

CVE-2011-4772

2012-01-2504:03:28

CWE-264

mitre

web.nvd.nist.gov

cve-2011-4772

360 kouxin

com.qihoo360.kouxin

android

data protection

remote attackers

sms messages

contact list

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.002

Percentile

57.7%

JSON

The 360 KouXin (com.qihoo360.kouxin) application 1.5.3 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and a contact list via a crafted application.

Affected configurations

Nvd

Node

360kouxinMatch1.5.3

AND

androidandroid

VendorProductVersionCPE
360kouxin1.5.3cpe:2.3:a:360:kouxin:1.5.3:*:*:*:*:*:*:*
androidandroid*cpe:2.3:o:android:android:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
360	kouxin	1.5.3	cpe:2.3:a:360:kouxin:1.5.3:::::::*
android	android	*	cpe:2.3:o:android:android::::::::

References

www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4772-vulnerability-in-360KouXin.html

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.002

Percentile

57.7%

JSON

Related for CVE-2011-4772