Vulnerability Description
The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cybozu | Kunai Browser For Remote Service | - |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN03015214/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000085
- http://products.cybozu.co.jp/remote/product/smartphone/
- http://jvn.jp/en/jp/JVN03015214/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000085
- http://products.cybozu.co.jp/remote/product/smartphone/
FAQ
What is CVE-2012-4013?
CVE-2012-4013 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The WebView class in the Cybozu KUNAI Browser for Remote Service application beta for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a craf...
How severe is CVE-2012-4013?
CVE-2012-4013 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4013?
Check the references section above for vendor advisories and patch information. Affected products include: Cybozu Kunai Browser For Remote Service.