33 matches found
EUVD-2012-3953
Malware in sbrugna...
EUVD-2013-3580
Malware in sbrugna...
EUVD-2013-3579
Malware in sbrugna...
EUVD-2012-3952
Malware in sbrugna...
CVE-2013-3647
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because...
CVE-2013-3646
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression...
CVE-2012-4009
The WebView class in the Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL...
CVE-2012-4008
The Cybozu Live application 1.0.4 and earlier for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site...
CVE-2013-3647
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because...
CVE-2013-3646
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression...
Design/Logic Flaw
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because...
Design/Logic Flaw
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression...
CVE-2013-3646
The CVE-2013-3646 entry maps to Cybozu Live for Android prior to version 2.0.1, where an arbitrary Java method execution vulnerability exists. The underlying issue is a regression from CVE-2012-4008 that allows remote attackers to cause the app to execute crafted Java methods via a malicious webs...
CVE-2013-3647
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because...
CVE-2013-3647
The CVE-2013-3647 entry describes a WebView vulnerability in Cybozu Live for Android (pre-2.0.1) where a crafted file:// URL can execute arbitrary JavaScript and disclose data. Root cause ties to a CVE-2012-4009 regression. Exploitation discussed via malicious files on the device; remediation adv...
CVE-2013-3646
The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression...
Cybozu Live for Android vulnerable in the WebView class
Overview Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains a vulnerability in the WebView class. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN77393797. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported...
Cybozu Live for Android vulnerable to arbitrary Java method execution
Overview Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN23009798. Gaku Mochizuki of Mitsui Bussan Secure Directions,...
JVN#19740283: Cybozu Live for Android vulnerable in the WebView class
Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains a vulnerability in the WebView class. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN77393797. Impact When there is a malicious file in the user's Android device,...
JVN#63428218: Cybozu Live for Android vulnerable to arbitrary Java method execution
Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN23009798. Impact When opening a specially crafted website, an attacker...