Vulnerability Description
The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus application before 1.3.5, GREE haconiwa application before 1.1.0, GREE Seisen Cerberus application before 1.1.0, and KDDI&GREE GREE Market application before 2.1.2 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gree | Gree | <= 1.3.9 |
| Gree | Haconiwa | <= 1.0.9 |
| Gree | Kaizokuoukoku Columbus | <= 1.3.4 |
| Gree | Monpura | <= 1.1.0 |
| Gree | Seisen Cerberus | <= 1.0.9 |
| Gree | Tanken Dorirando | <= 1.0.6 |
| Gree | Tsurisuta | <= 1.4.9 |
| Kddi \& Gree | Gree Market | <= 2.1.1 |
| Android | All versions |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN99192898/index.htmlVendor Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000077Vendor Advisory
- http://jvn.jp/en/jp/JVN99192898/index.htmlVendor Advisory
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000077Vendor Advisory
FAQ
What is CVE-2012-4006?
CVE-2012-4006 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus applicati...
How severe is CVE-2012-4006?
CVE-2012-4006 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4006?
Check the references section above for vendor advisories and patch information. Affected products include: Gree Gree, Gree Haconiwa, Gree Kaizokuoukoku Columbus, Gree Monpura, Gree Seisen Cerberus.