Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-3975
HistoryOct 03, 2011 - 3:55 p.m.

CVE-2011-3975

2011-10-0315:55:01
CWE-200
[email protected]
web.nvd.nist.gov
2

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

74.1%

JSON

A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers from a log, and other sensitive information, by leveraging the android.permission.INTERNET application permission and establishing TCP sessions to 127.0.0.1 on port 65511 and a second port.

Affected configurations

Nvd
Node
googleandroidMatch2.3.4
AND
htcevo_3d
OR
htcevo_4g
OR
htcthunderbolt
VendorProductVersionCPE
googleandroid2.3.4cpe:2.3:o:google:android:2.3.4:*:*:*:*:*:*:*
htcevo_3d*cpe:2.3:h:htc:evo_3d:*:*:*:*:*:*:*:*
htcevo_4g*cpe:2.3:h:htc:evo_4g:*:*:*:*:*:*:*:*
htcthunderbolt*cpe:2.3:h:htc:thunderbolt:*:*:*:*:*:*:*:*

Related

prion 1
cvelist 1
cve 1
prion
prion
Code injection
2011-10-03 15:55:00
cvelist
cvelist
CVE-2011-3975
2011-10-03 15:00:00
cve
cve
CVE-2011-3975
2011-10-03 15:55:01

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

74.1%

JSON
Related for NVD:CVE-2011-3975
prion1cvelist1cve1