All the vulnerabilites related to htc - desire
Vulnerability from fkie_nvd
Published
2012-08-21 10:46
Modified
2024-11-21 01:40
Severity ?
Summary
The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:att:status:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF3604EC-F0EA-4C4F-AC02-B06E48BB8E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:htc:chacha:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4B4194-E63E-40B2-8D97-4F9ECF72B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:htc:desire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D722FCD1-07FA-4161-A2CA-7AA66640CD57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:htc:merge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "750EA8EA-B973-44C2-B544-4AE0BA74AF28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A60CAD7B-6A6C-4627-B999-AA442F210486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sprint:evo_shift_4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACDC3D2-AA6E-476E-B23E-A4B138F590EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:t-mobile:g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70077E7C-3932-4234-87BA-745591A34E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:t-mobile:mytouch_3g_slide:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104D55CE-99BA-478F-91F1-0A97B801AF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:t-mobile:mytouch_4g_slide:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5FD0C4-38F8-47D2-8494-15A385773326",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages."
},
{
"lang": "es",
"value": "El m\u00e9todo de implementaci\u00f3n onTouchEvent en Samsumg y HTC para Android en el dispositivo T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, y Samsung Galaxy S almacena las coordenadas de contacto en un b\u00fafer (dmesg) lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una aplicaci\u00f3n manipulada, una demostraci\u00f3n para n\u00fameros de PIN, n\u00fameros de tel\u00e9fono y mensajes de texto."
}
],
"id": "CVE-2012-2980",
"lastModified": "2024-11-21T01:40:03.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-21T10:46:10.513",
"references": [
{
"source": "cret@cert.org",
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/251635"
},
{
"source": "cret@cert.org",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/251635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2012-2980
Vulnerability from cvelistv5
Published
2012-08-21 10:00
Modified
2024-09-16 17:23
Severity ?
EPSS score ?
Summary
The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.htc.com/www/help/app-security-fix/ | x_refsource_MISC | |
| http://www.kb.cert.org/vuls/id/MAPG-8R5LD6 | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/251635 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
},
{
"name": "VU#251635",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/251635"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-21T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
},
{
"name": "VU#251635",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/251635"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.htc.com/www/help/app-security-fix/",
"refsource": "MISC",
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
},
{
"name": "VU#251635",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/251635"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-2980",
"datePublished": "2012-08-21T10:00:00Z",
"dateReserved": "2012-05-30T00:00:00Z",
"dateUpdated": "2024-09-16T17:23:57.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201208-0355
Vulnerability from variot
The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages. Samsung and HTC Made Android Certain terminals have a vulnerability in which information entered by the user is leaked. Samsung and HTC Made Android The information entered by the user is stored on a specific device model. dmseg There are vulnerabilities that can be referenced using commands.The phone number entered by the user by a third party PIN A number may be obtained. Users who have access to the affected device and can execute the dmesg application can view the dmesg buffer data without root or administrator privileges. May be used to read PIN numbers, short messages, phone numbers, etc. Multiple Samsung and HTC Devices are prone to an information-disclosure vulnerability. Successful attacks can allow an attacker to obtain sensitive information that may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0355",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "galaxy s",
"scope": "eq",
"trust": 1.6,
"vendor": "samsung",
"version": null
},
{
"model": "galaxy s",
"scope": null,
"trust": 1.4,
"vendor": "samsung",
"version": null
},
{
"model": "merge",
"scope": null,
"trust": 1.4,
"vendor": "htc",
"version": null
},
{
"model": "evo shift 4g",
"scope": null,
"trust": 1.4,
"vendor": "sprint",
"version": null
},
{
"model": "g2",
"scope": "eq",
"trust": 1.0,
"vendor": "t mobile",
"version": null
},
{
"model": "mytouch 3g slide",
"scope": "eq",
"trust": 1.0,
"vendor": "t mobile",
"version": null
},
{
"model": "chacha",
"scope": "eq",
"trust": 1.0,
"vendor": "htc",
"version": null
},
{
"model": "merge",
"scope": "eq",
"trust": 1.0,
"vendor": "htc",
"version": null
},
{
"model": "status",
"scope": "eq",
"trust": 1.0,
"vendor": "att",
"version": null
},
{
"model": "mytouch 4g slide",
"scope": "eq",
"trust": 1.0,
"vendor": "t mobile",
"version": null
},
{
"model": "evo shift 4g",
"scope": "eq",
"trust": 1.0,
"vendor": "sprint",
"version": null
},
{
"model": "desire",
"scope": "eq",
"trust": 1.0,
"vendor": "htc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "htc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung",
"version": null
},
{
"model": "at\u0026t status",
"scope": null,
"trust": 0.8,
"vendor": "at t",
"version": null
},
{
"model": "chacha",
"scope": null,
"trust": 0.8,
"vendor": "htc",
"version": null
},
{
"model": "desire",
"scope": "eq",
"trust": 0.8,
"vendor": "htc",
"version": "z"
},
{
"model": "t-mobile g2",
"scope": null,
"trust": 0.8,
"vendor": "t mobile",
"version": null
},
{
"model": "t-mobile mytouch 3g slide",
"scope": null,
"trust": 0.8,
"vendor": "t mobile",
"version": null
},
{
"model": "t-mobile mytouch 4g slide",
"scope": null,
"trust": 0.8,
"vendor": "t mobile",
"version": null
},
{
"model": "mytouch 4g slide",
"scope": null,
"trust": 0.6,
"vendor": "t mobile",
"version": null
},
{
"model": "desire z t-mobile g2",
"scope": null,
"trust": 0.6,
"vendor": "htc",
"version": null
},
{
"model": "mytouch 3g slide",
"scope": null,
"trust": 0.6,
"vendor": "t mobile",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#251635"
},
{
"db": "CNVD",
"id": "CNVD-2012-4327"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"db": "NVD",
"id": "CVE-2012-2980"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:htc:merge:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:sprint:evo_shift_4g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:htc:chacha:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:att:status:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:t-mobile:g2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:samsung:galaxy_s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:t-mobile:mytouch_3g_slide:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:htc:desire:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:t-mobile:mytouch_4g_slide:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2980"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Glenn ten Cate",
"sources": [
{
"db": "BID",
"id": "55047"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2980",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 4.4,
"collateralDamagePotential": "LOW",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 4.1,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 2.7,
"id": "CVE-2012-2980",
"impactScore": 6.9,
"integrityImpact": "NONE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "OFFICIAL FIX",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "HIGH",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:L/AC:M/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.1,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-2980",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2980",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-2980",
"trust": 0.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-311",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#251635"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"db": "NVD",
"id": "CVE-2012-2980"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages. Samsung and HTC Made Android Certain terminals have a vulnerability in which information entered by the user is leaked. Samsung and HTC Made Android The information entered by the user is stored on a specific device model. dmseg There are vulnerabilities that can be referenced using commands.The phone number entered by the user by a third party PIN A number may be obtained. Users who have access to the affected device and can execute the dmesg application can view the dmesg buffer data without root or administrator privileges. May be used to read PIN numbers, short messages, phone numbers, etc. Multiple Samsung and HTC Devices are prone to an information-disclosure vulnerability. \nSuccessful attacks can allow an attacker to obtain sensitive information that may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2980"
},
{
"db": "CERT/CC",
"id": "VU#251635"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"db": "CNVD",
"id": "CNVD-2012-4327"
},
{
"db": "BID",
"id": "55047"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2980",
"trust": 4.1
},
{
"db": "CERT/CC",
"id": "VU#251635",
"trust": 3.8
},
{
"db": "BID",
"id": "55047",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003815",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-4327",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201208-311",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#251635"
},
{
"db": "CNVD",
"id": "CNVD-2012-4327"
},
{
"db": "BID",
"id": "55047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"db": "NVD",
"id": "CVE-2012-2980"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
]
},
"id": "VAR-201208-0355",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-4327"
}
],
"trust": 1.3071256133333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-4327"
}
]
},
"last_update_date": "2023-12-18T13:57:53.464000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.att.com/"
},
{
"title": "Application security fix",
"trust": 0.8,
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sprint.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.t-mobile.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.samsung.com/jp/"
},
{
"title": "Patch for Samsung and HTC Device Information Disclosure Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/19893"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-4327"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003815"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"db": "NVD",
"id": "CVE-2012-2980"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/251635"
},
{
"trust": 2.4,
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/mapg-8r5ld6"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2980"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu251635"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2980"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/55047"
},
{
"trust": 0.3,
"url": "http://www.samsung.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#251635"
},
{
"db": "CNVD",
"id": "CNVD-2012-4327"
},
{
"db": "BID",
"id": "55047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"db": "NVD",
"id": "CVE-2012-2980"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#251635"
},
{
"db": "CNVD",
"id": "CNVD-2012-4327"
},
{
"db": "BID",
"id": "55047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"db": "NVD",
"id": "CVE-2012-2980"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-16T00:00:00",
"db": "CERT/CC",
"id": "VU#251635"
},
{
"date": "2012-08-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-4327"
},
{
"date": "2012-08-16T00:00:00",
"db": "BID",
"id": "55047"
},
{
"date": "2012-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"date": "2012-08-21T10:46:10.513000",
"db": "NVD",
"id": "CVE-2012-2980"
},
{
"date": "2012-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-24T00:00:00",
"db": "CERT/CC",
"id": "VU#251635"
},
{
"date": "2012-08-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-4327"
},
{
"date": "2012-08-16T00:00:00",
"db": "BID",
"id": "55047"
},
{
"date": "2012-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003815"
},
{
"date": "2012-08-21T10:46:10.513000",
"db": "NVD",
"id": "CVE-2012-2980"
},
{
"date": "2012-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Samsung and HTC android phone information disclosure vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#251635"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-311"
}
],
"trust": 0.6
}
}