CVE-2012-3887 — MEDIUM (5.0)

Q: How severe is CVE-2012-3887?

CVE-2012-3887 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-3887?

Check the references section above for vendor advisories and patch information. Affected products include: Airdroid Airdroid.

Vulnerability Description

AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by sniffing the local wireless network, as demonstrated by the SMS message content sent to the sdctl/sms/send/single/ URI.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Airdroid	Airdroid	<= 1.0.6

Related Weaknesses (CWE)

CWE-310

References

FAQ

What is CVE-2012-3887?

CVE-2012-3887 is a vulnerability with a CVSS score of 5.0 (MEDIUM). AirDroid before 1.0.7 beta uses a cleartext base64 format for data transfer that is documented as an "Encrypted Transmission" feature, which allows remote attackers to obtain sensitive information by ...

How severe is CVE-2012-3887?

CVE-2012-3887 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-3887?

Check the references section above for vendor advisories and patch information. Affected products include: Airdroid Airdroid.