CVE-2011-4698

The AndroidAppTools Easy Filter (com.phoneblocker.android) application 1.1 and 1.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and call records via a crafted application.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4698-vulnerability-in-EasyFilter.html
http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4698-vulnerability-in-EasyFilter.html

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:androidapptools:easy_filter:1.1:::::::*
	cpe:2.3:a:androidapptools:easy_filter:1.2:::::::*

cpe:2.3:o:android:android:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:32

Type	Values Removed	Values Added
References	~~() http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4698-vulnerability-in-EasyFilter.html -~~	() http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4698-vulnerability-in-EasyFilter.html -

Information

Published : 2012-01-25 04:03

Updated : 2024-11-21 01:32

NVD link : CVE-2011-4698

Mitre link : CVE-2011-4698

CVE.ORG link : CVE-2011-4698

JSON object : View

Products Affected

android

android

androidapptools

easy_filter

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2011-4698", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-01-25T04:03:27.627", "references": [{"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4698-vulnerability-in-EasyFilter.html", "source": "cve@mitre.org"}, {"url": "http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4698-vulnerability-in-EasyFilter.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The AndroidAppTools Easy Filter (com.phoneblocker.android) application 1.1 and 1.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS messages and call records via a crafted application."}, {"lang": "es", "value": "La aplicaci\u00f3n AndroidAppTools Easy Filter (com.phoneblocker.android) v1.1 y v1.2 para Android no protege correctamente los datos, lo que permite a atacantes remotos leer o modificar mensajes SMS y registros de llamada a trav\u00e9s de una aplicaci\u00f3n modificada."}], "lastModified": "2024-11-21T01:32:48.580", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:androidapptools:easy_filter:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A7462D4-DB5A-46F2-8FD4-B63933D45859"}, {"criteria": "cpe:2.3:a:androidapptools:easy_filter:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAE08977-FFBB-45A8-9756-60F68243BCC8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:android:android:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8549DBC2-7199-41FF-B646-6CED58571E20"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}