CVE-2012-2217

Published May 1, 2012
Last updated 7 years ago
CVSS info 6.4
Overview

Description: The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, EVO Design 4G before 2.12.651.5, Shift 4G before 2.77.651.3, EVO 3D before 2.17.651.5, EVO View 4G before 2.23.651.1, Vivid before 3.26.502.56, and Hero does not restrict localhost access to TCP port 2479, which allows remote attackers to (1) send SMS messages, (2) obtain the Network Access Identifier (NAI) and its password, or trigger (3) popup messages or (4) tones via a crafted application that leverages the android.permission.INTERNET permission.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.4
Impact score: 4.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-264
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E815F275-7BB3-4E14-92F3-3D52A72CBE7E",
            "versionEndIncluding": "4.54.651.1"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:1.32.651.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4654D8F-7355-4141-BD39-0A8ED38F437C"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:1.47.651.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0662E7B8-A831-4167-BEB9-9DD3CCF9F97F"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:3.26.651.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A367B3F-5ADC-422B-A032-D82CD50D761F"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:3.29.651.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B0AA96D-7810-43C3-996F-3BC01B4F6D62"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:3.30.651.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02E8E505-CCEA-4052-AF9B-C5EF58DBCBD6"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:3.30.651.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FD9E9AA-3DF7-4787-982F-8A0E651DF94D"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:3.70.651.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D22BA87-3334-4939-B42E-0B3611E8B862"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:4.22.651.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2408E95-7BFA-4D58-9FDA-9FF05DB2B5C8"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:4.24.651.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6179012-8E51-4BFC-9592-BFA6AAE803D2"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_4g_software:4.53.651.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BCEC1AC-7CCA-409B-8346-35D9A2251FB6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:htc:evo_4g:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1368A8C3-7F80-4DC4-9ADF-AC69E44CB9FC"
          },
          {
            "criteria": "cpe:2.3:h:htc:evo_4g:gri40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF9842B1-3735-48CC-9163-36253B9C5AF6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:htc:evo_design_4g_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7310B73E-B908-4A7D-8495-77454E87BAC6",
            "versionEndIncluding": "1.19.651.1"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_design_4g_software:1.19.651.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A33CE59-A315-4013-BE89-67EA077B7175"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:htc:evo_design_4g:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11B01216-33EC-40A7-9781-2900BCEA15A3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:htc:shift_4g_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2253FDBF-228A-4D3F-ABF9-7AFF03207D99",
            "versionEndIncluding": "2.76.651.6"
          },
          {
            "criteria": "cpe:2.3:a:htc:shift_4g_software:1.17.651.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB8920D7-3F96-4D13-BDFC-353E841BBE31"
          },
          {
            "criteria": "cpe:2.3:a:htc:shift_4g_software:2.75.651.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28DA32A0-818E-4442-B22B-A9BEC5052D96"
          },
          {
            "criteria": "cpe:2.3:a:htc:shift_4g_software:2.75.651.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4407EE19-DE46-49BC-8CBA-D810B084EAD9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:htc:shift_4g:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2741C50D-A992-49D9-8FC5-A782AE65B0AE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:htc:evo_3d_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8197CEE7-054D-4840-B67C-A25B44068A7D",
            "versionEndIncluding": "2.08.651.3"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_3d_software:1.11.651.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77844462-3FA7-4C46-AFB5-61DD250711AE"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_3d_software:1.13.651.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F8636AB-44E1-4135-A13D-975E09812C0E"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_3d_software:2.08.651.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "693681CD-E6E7-43D5-BC65-78828BDD4A6C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:htc:evo_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8C77876-DC0F-42CB-B795-0BB5A0A7559A"
          },
          {
            "criteria": "cpe:2.3:h:htc:evo_3d:gri40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04CE53C2-E91D-4E99-820A-D06BA1BBAAD3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:htc:evo_view_4g_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DD5920B-2C35-47B7-A54B-05C214556404",
            "versionEndIncluding": "1.22.651.2"
          },
          {
            "criteria": "cpe:2.3:a:htc:evo_view_4g_software:1.22.651.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCF81B72-FC57-4979-A44E-CA1BDDE07910"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:htc:evo_view_4g:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDF0CF5D-A1CC-4703-9E93-04C7C8219CD4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:htc:vivid_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91416F0F-82A0-42FA-831C-FF61ADFAE7EF",
            "versionEndIncluding": "3.26.502"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:htc:vivid:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "977B55E8-22F3-47A9-876D-D0E858118FC3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:htc:hero_software:1.29.651.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7178F17C-1CEF-419F-B7D0-85145807C2BF"
          },
          {
            "criteria": "cpe:2.3:a:htc:hero_software:1.56.651.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77BAD23A-A63F-47A4-9378-BA45A1327C48"
          },
          {
            "criteria": "cpe:2.3:a:htc:hero_software:2.27.651.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F01536FC-F034-47F8-951E-26C87B40B311"
          },
          {
            "criteria": "cpe:2.3:a:htc:hero_software:2.27.651.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FC961A5-EC4B-4D4B-8465-35C2CC104751"
          },
          {
            "criteria": "cpe:2.3:a:htc:hero_software:2.31.651.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9F56F7E-D65F-4532-8CE1-D434B5BAF8CA"
          },
          {
            "criteria": "cpe:2.3:a:htc:hero_software:2.32.651.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69E23E10-885D-4D8E-B98C-1007CD8C7AD9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:htc:hero:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "831A21A7-B190-408D-B220-6A5A023725A7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
