Compromise of system in Android Cybozu KUNAI

Posted: September 9, 2012 in Vulnerabilities
Tags: Android, Cybozu KUNAI, it-security, system compromise

Vulnerability: Compromise of system in Android Cybozu KUNAI

Danger: High

CVE ID: CVE-2012-4011

Impact: System Compromise

Affected products: Cybozu KUNAI for Android 2.x

Affected versions: Android Cybozu KUNAI 2.0.5, perhaps the only one.

Description:

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability is caused due to an unspecified error. Remote user to execute arbitrary Java-methods.

Successful exploitation allows execution of arbitrary code via a specially crafted web-page.

Manufacturer URL: http://cs.cybozu.co.jp/information/kunai/

Solution: Install the latest version 2.0.6 from the manufacturer.

links:

http://cs.cybozu.co.jp/information/20120910up01.php

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

You are commenting using your Google+ account. ( Log Out / Change )

Connecting to %s

MALWARELIST.net – Your Information Security Source