RSS   Podatności dla 'Kindle touch'   RSS

2012-08-12
 
CVE-2012-4249

CWE-94
 

 
The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch before 5.1.2 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC property, a different vulnerability than CVE-2012-4248.

 
 
CVE-2012-4248

CWE-264
 

 
The Amazon Kindle Touch before 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote attackers to have an unspecified impact via vectors involving the (1) dev.log, (2) lipc.set, (3) lipc.get, or (4) todo.scheduleItems method, a different vulnerability than CVE-2012-4249.

 

 >>> Vendor: Amazon 26 Produkty
Kindle touch
Kindle for pc
Merchant sdk
Elastic load balancing api tools
Flexible payments service
Ec2 api tools java library
Kindle
Fire os
Workspaces
Amazon key firmware
Amazon music
Payfort
Payfort-php-sdk
Amazon web services freertos
Freertos
Amazon web services software development kit
Freertos\+fat
Audible
Firecracker
Aws-lambda
Aws javascript s3 explorer
Tough
Aws s3 crypto sdk
Sockeye
Aws opensearch
Aws client vpn


Copyright 2024, cxsecurity.com

 

Back to Top