All the vulnerabilites related to samsung - galaxy_s
cve-2012-2980
Vulnerability from cvelistv5
Published
2012-08-21 10:00
Modified
2024-09-16 17:23
Severity ?
EPSS score ?
Summary
The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.htc.com/www/help/app-security-fix/ | x_refsource_MISC | |
| http://www.kb.cert.org/vuls/id/MAPG-8R5LD6 | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/251635 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
},
{
"name": "VU#251635",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/251635"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-21T10:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
},
{
"name": "VU#251635",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/251635"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.htc.com/www/help/app-security-fix/",
"refsource": "MISC",
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
},
{
"name": "VU#251635",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/251635"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-2980",
"datePublished": "2012-08-21T10:00:00Z",
"dateReserved": "2012-05-30T00:00:00Z",
"dateUpdated": "2024-09-16T17:23:57.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6334
Vulnerability from cvelistv5
Published
2012-12-31 11:00
Modified
2024-09-16 17:28
Severity ?
EPSS score ?
Summary
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
References
| ▼ | URL | Tags |
|---|---|---|
| http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a \"commonly available simple GPS location spoofer.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-12-31T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a \"commonly available simple GPS location spoofer.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html",
"refsource": "MISC",
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6334",
"datePublished": "2012-12-31T11:00:00Z",
"dateReserved": "2012-12-13T00:00:00Z",
"dateUpdated": "2024-09-16T17:28:53.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6337
Vulnerability from cvelistv5
Published
2012-12-31 11:00
Modified
2024-09-16 23:30
Severity ?
EPSS score ?
Summary
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data.
References
| ▼ | URL | Tags |
|---|---|---|
| http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-12-31T11:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html",
"refsource": "MISC",
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6337",
"datePublished": "2012-12-31T11:00:00Z",
"dateReserved": "2012-12-13T00:00:00Z",
"dateUpdated": "2024-09-16T23:30:49.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-12-31 11:50
Modified
2024-11-21 01:46
Severity ?
Summary
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a "commonly available simple GPS location spoofer."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| samsung | samsungdive | - | |
| samsung | galaxy_note_2 | - | |
| samsung | galaxy_s | - | |
| samsung | galaxy_s2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samsung:samsungdive:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2FC077-4D6C-4342-9B7F-FE2AC47F736A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:galaxy_note_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11A19CD-FAFE-45ED-A24C-72642C3ED565",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A60CAD7B-6A6C-4627-B999-AA442F210486",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27B05798-6E5E-4DCD-810E-680DEB3BDE97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices does not properly implement Location APIs, which allows physically proximate attackers to provide arbitrary location data via a \"commonly available simple GPS location spoofer.\""
},
{
"lang": "es",
"value": "La funci\u00f3n \"Track My Mobile\" en el subsistema SamsungDive para Android en los dispositivos Samsung Galaxy no implementa correctamente las APIs de localizaci\u00f3n, lo que permite a atacantes f\u00edsicamente pr\u00f3ximos proporcionar datos de localizaci\u00f3n de su elecci\u00f3n a trav\u00e9s de un \"sencillo spoofer de localizaci\u00f3n GPS com\u00fanmente disponible.\"\r\n"
}
],
"id": "CVE-2012-6334",
"lastModified": "2024-11-21T01:46:01.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-31T11:50:28.047",
"references": [
{
"source": "cve@mitre.org",
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-08-21 10:46
Modified
2024-11-21 01:40
Severity ?
Summary
The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:att:status:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF3604EC-F0EA-4C4F-AC02-B06E48BB8E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:htc:chacha:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4B4194-E63E-40B2-8D97-4F9ECF72B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:htc:desire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D722FCD1-07FA-4161-A2CA-7AA66640CD57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:htc:merge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "750EA8EA-B973-44C2-B544-4AE0BA74AF28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A60CAD7B-6A6C-4627-B999-AA442F210486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sprint:evo_shift_4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACDC3D2-AA6E-476E-B23E-A4B138F590EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:t-mobile:g2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70077E7C-3932-4234-87BA-745591A34E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:t-mobile:mytouch_3g_slide:-:*:*:*:*:*:*:*",
"matchCriteriaId": "104D55CE-99BA-478F-91F1-0A97B801AF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:t-mobile:mytouch_4g_slide:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5FD0C4-38F8-47D2-8494-15A385773326",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages."
},
{
"lang": "es",
"value": "El m\u00e9todo de implementaci\u00f3n onTouchEvent en Samsumg y HTC para Android en el dispositivo T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT\u0026T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, y Samsung Galaxy S almacena las coordenadas de contacto en un b\u00fafer (dmesg) lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una aplicaci\u00f3n manipulada, una demostraci\u00f3n para n\u00fameros de PIN, n\u00fameros de tel\u00e9fono y mensajes de texto."
}
],
"id": "CVE-2012-2980",
"lastModified": "2024-11-21T01:40:03.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-21T10:46:10.513",
"references": [
{
"source": "cret@cert.org",
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/251635"
},
{
"source": "cret@cert.org",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.htc.com/www/help/app-security-fix/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/251635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8R5LD6"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-31 11:50
Modified
2024-11-21 01:46
Severity ?
Summary
The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| samsung | samsungdive | - | |
| samsung | galaxy_note_2 | - | |
| samsung | galaxy_s | - | |
| samsung | galaxy_s2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samsung:samsungdive:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2FC077-4D6C-4342-9B7F-FE2AC47F736A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:galaxy_note_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11A19CD-FAFE-45ED-A24C-72642C3ED565",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A60CAD7B-6A6C-4627-B999-AA442F210486",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27B05798-6E5E-4DCD-810E-680DEB3BDE97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data."
},
{
"lang": "es",
"value": "La funcionalidad Track My Mobile en el subsistema SamsungDive para Android en dispositivos Samsung Galaxy muestra la activaci\u00f3n de seguimiento a distancia, lo que podr\u00eda permitir a los atacantes f\u00edsicamente pr\u00f3ximos a vencer a un esfuerzo de recuperaci\u00f3n de producto mediante la manipulaci\u00f3n de esta funci\u00f3n o sus datos de localizaci\u00f3n."
}
],
"id": "CVE-2012-6337",
"lastModified": "2024-11-21T01:46:01.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-31T11:50:28.237",
"references": [
{
"source": "cve@mitre.org",
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://thehackernews.com/2012/12/manufacture-based-gps-tracking-services.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}