2 matches found
CVE-2012-4248
The data confirms CVE-2012-4248 affects Kindle Touch prior to 5.1.2, where access to the libkindleplugin.so NPAPI plugin interface is not properly restricted. This may allow remote attackers to cause unspecified impact via the dev.log, lipc.set, lipc.get, or todo.scheduleItems methods. The root c...
CVE-2012-4249
The vulnerability CVE-2012-4249 affects Amazon Kindle Touch prior to 5.1.2, specifically the com.lab126.system sendEvent implementation. The issue allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, demonstrated by lipc-set-prop to set an LIPC pr...