第三方组件漏洞列表 (182)

OSVDB/85308(发布:2012-03-19)MCOEPS
CVSSN/A

Mobclix Ad Library for Android contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the com.mobclix.android.sdk.MobclixJavascriptInterface class is called once the application is installed and subsequently whenever the user moves to a different location. This will disclose a user's location to a third party advertiser.

OSVDB/85307(发布:2012-03-19)MCOEPS
CVSSN/A

Pontiflex Ad Library for Android contains a flaw that may lead to an unauthorized disclosure of what account credentials are used on the device. This does not disclose the credentials themselves, merely their existence.

OSVDB/85306(发布:2012-03-19)MCOEPS
CVSSN/A

Plankton Ad Library for Android's com.plankton.device.android.service.AndroidMDKService service sends the device's IMEI number to a remote server, thus potentially disclosing it to a remote attacker.

OSVDB/85305(发布:2012-03-19)MCOEPS
CVSSN/A

Plankton Ad Library for Android contains a flaw that is triggered when com.plankton.device.android.service.AndroidMDKService receives a .jar file that transforms the host into a bot, which effectively creates a backdoor for a remote attacker to execute arbitrary code.

OSVDB/85304(发布:2012-03-19)MCOEPS
CVSSN/A

Sosceo Ad Library for Android contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by the com.sosceo.android.ads.AdView object querying the device's contact information for the most recent call and then storing it in data objects which are used as URL queries when requesting ads, which will disclose the phone number of the most recent call to a remote attacker.

OSVDB/85303(发布:2012-03-19)MCOEPS
CVSSN/A

Mobus Ad Library for Android contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the application searches the SMS database in order to gain administrative information for the Short Message Service Center (SMSC). This will disclose potentially sensitive information to a remote attacker.

12345678下一页尾页 第1页 / 共31页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站