CVE-2012-2980
Published Aug 21, 2012
Last updated 12 years ago
Overview
- Description
- The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.
- Source
- cret@cert.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.1
- Impact score
- 6.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-255
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:att:status:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF3604EC-F0EA-4C4F-AC02-B06E48BB8E2B"
},
{
"criteria": "cpe:2.3:h:htc:chacha:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1E4B4194-E63E-40B2-8D97-4F9ECF72B137"
},
{
"criteria": "cpe:2.3:h:htc:desire:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D722FCD1-07FA-4161-A2CA-7AA66640CD57"
},
{
"criteria": "cpe:2.3:h:htc:merge:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "750EA8EA-B973-44C2-B544-4AE0BA74AF28"
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A60CAD7B-6A6C-4627-B999-AA442F210486"
},
{
"criteria": "cpe:2.3:h:sprint:evo_shift_4g:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2ACDC3D2-AA6E-476E-B23E-A4B138F590EC"
},
{
"criteria": "cpe:2.3:h:t-mobile:g2:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70077E7C-3932-4234-87BA-745591A34E2D"
},
{
"criteria": "cpe:2.3:h:t-mobile:mytouch_3g_slide:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "104D55CE-99BA-478F-91F1-0A97B801AF2F"
},
{
"criteria": "cpe:2.3:h:t-mobile:mytouch_4g_slide:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A5FD0C4-38F8-47D2-8494-15A385773326"
}
],
"operator": "OR"
}
]
}
]