Authentication flaw

2012-03-0200:55:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.3%

JSON

The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier applications for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.

CPENameOperatorVersion
android_activitiesle1.5.16
android_mykitchenle1.1.1

CPE	Name	Operator	Version
	android_activities	le	1.5.16
	android_mykitchen	le	1.1.1

References

cookpad.typepad.jp/help/2012/02/23oshirase.html

jvn.jp/en/jp/JVN25731073/index.html

jvndb.jvn.jp/jvndb/JVNDB-2012-000014

osvdb.org/79643

secunia.com/advisories/48065

www.securityfocus.com/bid/52189