CVE-2012-3887
Published Jul 26, 2012
Last updated 12 years ago
Overview
- Description
- AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by sniffing the local wireless network, as demonstrated by the SMS message content sent to the sdctl/sms/send/single/ URI.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-310
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:airdroid:airdroid:*:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C53EA9EB-E553-4117-A94E-697749684D77",
"versionEndIncluding": "1.0.6"
},
{
"criteria": "cpe:2.3:a:airdroid:airdroid:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "249BB79C-3515-45C0-9F8F-117A2C9C6DEE"
},
{
"criteria": "cpe:2.3:a:airdroid:airdroid:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35B973F7-5FE8-4B7D-8FD3-752720E99DEB"
},
{
"criteria": "cpe:2.3:a:airdroid:airdroid:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "829BFFB7-3B09-4823-89DA-FDB0546F579C"
},
{
"criteria": "cpe:2.3:a:airdroid:airdroid:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E80F41B-56A7-440D-AACF-895F51EBE04E"
},
{
"criteria": "cpe:2.3:a:airdroid:airdroid:1.0.4:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18DA093A-2C50-4D62-A65B-CDB061CCA01D"
},
{
"criteria": "cpe:2.3:a:airdroid:airdroid:1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7155A119-5C2D-4B78-8F40-D52A73F3EF37"
}
],
"operator": "OR"
}
]
}
]