FKIE_CVE-2012-5179
Vulnerability from fkie_nvd - Published: 2012-12-26 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Boat Browser application before 4.2 and Boat Browser Mini application before 3.9 for Android do not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| boatmob | boat_browser | * | |
| boatmob | boat_browser | 2.0 | |
| boatmob | boat_browser | 2.1 | |
| boatmob | boat_browser | 2.2 | |
| boatmob | boat_browser | 2.3 | |
| boatmob | boat_browser | 2.4.1 | |
| boatmob | boat_browser | 2.5.1 | |
| boatmob | boat_browser | 2.6 | |
| boatmob | boat_browser | 3.0 | |
| boatmob | boat_browser | 3.1 | |
| boatmob | boat_browser | 3.2.1 | |
| boatmob | boat_browser | 3.3 | |
| boatmob | boat_browser_mini | * | |
| boatmob | boat_browser_mini | 2.6.1 | |
| boatmob | boat_browser_mini | 2.7 | |
| boatmob | boat_browser_mini | 2.7.1 | |
| boatmob | boat_browser_mini | 2.8 | |
| boatmob | boat_browser_mini | 2.9 | |
| boatmob | boat_browser_mini | 2.9.1 | |
| boatmob | boat_browser_mini | 2.9.2 | |
| boatmob | boat_browser_mini | 3.0.1 | |
| boatmob | boat_browser_mini | 3.0.2 | |
| boatmob | boat_browser_mini | 3.1 | |
| boatmob | boat_browser_mini | 3.2 | |
| boatmob | boat_browser_mini | 3.3 | |
| boatmob | boat_browser_mini | 3.4 | |
| boatmob | boat_browser_mini | 3.5 | |
| boatmob | boat_browser_mini | 3.6 | |
| boatmob | boat_browser_mini | 3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:*:*:*:*:*:android:*:*",
"matchCriteriaId": "3DE3BC51-AC31-45DA-BF27-93FEBC381D02",
"versionEndIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:2.0:*:*:*:*:android:*:*",
"matchCriteriaId": "6102D860-288E-4197-9255-4588EEF1DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:2.1:*:*:*:*:android:*:*",
"matchCriteriaId": "CD0DE975-B2DB-415C-BDC1-FE5CC88D4249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:2.2:*:*:*:*:android:*:*",
"matchCriteriaId": "410ACE98-8D8B-4F96-AAA4-1768DCBF5E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:2.3:*:*:*:*:android:*:*",
"matchCriteriaId": "7FF8AD84-7731-478E-B4CB-CFCD532F5EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:2.4.1:*:*:*:*:android:*:*",
"matchCriteriaId": "06F27085-BBA1-44F7-906A-4D3136936DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:2.5.1:*:*:*:*:android:*:*",
"matchCriteriaId": "E18B0A97-B444-4C8F-9FD9-7D6B29C208EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:2.6:*:*:*:*:android:*:*",
"matchCriteriaId": "E6F09817-8C28-4A6E-BCD0-471AF03D446E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:3.0:*:*:*:*:android:*:*",
"matchCriteriaId": "163187D8-51A5-43FD-8925-9402435C7606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:3.1:*:*:*:*:android:*:*",
"matchCriteriaId": "0362DE0E-C356-406B-B173-690D9B51C54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:3.2.1:*:*:*:*:android:*:*",
"matchCriteriaId": "4F381D40-6721-4CD7-B527-D0005B727D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser:3.3:*:*:*:*:android:*:*",
"matchCriteriaId": "500AA0B8-EF70-4B8D-ACA8-B053F3C7C067",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:*:-:*:*:*:android:*:*",
"matchCriteriaId": "54D1A4F8-9DB7-436B-B568-1972A5D548C1",
"versionEndIncluding": "3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:2.6.1:-:*:*:*:android:*:*",
"matchCriteriaId": "9E5B6388-2302-4739-96E2-8F44A43D3263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:2.7:-:*:*:*:android:*:*",
"matchCriteriaId": "F039E22A-E2D8-4125-A27B-02EBD1A79515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:2.7.1:-:*:*:*:android:*:*",
"matchCriteriaId": "25EEB5C5-95E4-40E8-8E9E-6642063FCA51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:2.8:-:*:*:*:android:*:*",
"matchCriteriaId": "9AA09AF7-03B3-4DD5-AD4E-92E9F8E50A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:2.9:-:*:*:*:android:*:*",
"matchCriteriaId": "CCF91F95-5D57-4AEB-B4D6-A5D0B07E46EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:2.9.1:-:*:*:*:android:*:*",
"matchCriteriaId": "93634ACA-A454-47B6-A5F0-7DC7D88F6E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:2.9.2:-:*:*:*:android:*:*",
"matchCriteriaId": "9C5BEB74-1416-4D81-BB1A-E82F2620A62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.0.1:-:*:*:*:android:*:*",
"matchCriteriaId": "D7977FAF-BBD0-4BBF-8CA2-FACC11F6D7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.0.2:-:*:*:*:android:*:*",
"matchCriteriaId": "579507C3-47C3-458B-A6D2-19B97B697914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.1:-:*:*:*:android:*:*",
"matchCriteriaId": "71AEFF82-A3CB-4E50-A24F-CC3CFC935609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.2:-:*:*:*:android:*:*",
"matchCriteriaId": "7E947FF5-C88F-45AD-9325-858C6238CBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.3:-:*:*:*:android:*:*",
"matchCriteriaId": "D90A1807-2D22-49DA-AD10-3600C65081D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.4:-:*:*:*:android:*:*",
"matchCriteriaId": "DB5A553A-4F6B-4F6A-9B53-6208296546E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.5:-:*:*:*:android:*:*",
"matchCriteriaId": "0919A81F-610E-455E-A448-242C4E614F27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.6:-:*:*:*:android:*:*",
"matchCriteriaId": "6AD399D0-6049-4336-A71B-2F67B23C84BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:boatmob:boat_browser_mini:3.7:-:*:*:*:android:*:*",
"matchCriteriaId": "1C3462BD-3F63-4BDD-882F-BBEF97F5F2B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Boat Browser application before 4.2 and Boat Browser Mini application before 3.9 for Android do not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n Boat Browser antes de v4.2 y Boat Browser Mini antes de v3.9 para Android no aplica correctamente la clase WebView, lo que permite a atacantes obtener informaci\u00f3n sensible a trav\u00e9s de una aplicaci\u00f3n dise\u00f1ada para tal fin.\r\n"
}
],
"id": "CVE-2012-5179",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-12-26T17:55:01.407",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN69589791/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN69589791/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000111"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…