Vulnerability CVE-2012-2217


Published: 2012-05-01

Description:
The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, EVO Design 4G before 2.12.651.5, Shift 4G before 2.77.651.3, EVO 3D before 2.17.651.5, EVO View 4G before 2.23.651.1, Vivid before 3.26.502.56, and Hero does not restrict localhost access to TCP port 2479, which allows remote attackers to (1) send SMS messages, (2) obtain the Network Access Identifier (NAI) and its password, or trigger (3) popup messages or (4) tones via a crafted application that leverages the android.permission.INTERNET permission.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
HTC IQRD Android Permission Leakage
Dan Rosenberg
22.04.2012

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: HTC
Product: Evo 4g 
Version: gri40;
Product: Evo 3d 
Version: gri40;
Product: Evo 4g software 
Version:
4.67.651.3
4.54.651.1
4.53.651.1
4.24.651.1
4.22.651.2
3.70.651.1
3.30.651.3
3.30.651.2
3.29.651.5
3.26.651.6
1.47.651.1
1.32.651.1
Product: Vivid software 
Version: 3.26.502;
Product: Shift 4g software 
Version:
2.76.651.6
2.75.651.5
2.75.651.4
1.17.651.1
Product: Hero software 
Version:
2.32.651.2
2.31.651.7
2.27.651.6
2.27.651.5
1.56.651.2
1.29.651.1
Product: Evo 3d software 
Version:
2.08.651.3
2.08.651.2
1.13.651.7
1.11.651.3
Product: Evo view 4g software 
Version: 1.22.651.2; 1.22.651.1;
Product: Evo design 4g software 
Version: 1.19.651.1; 1.19.651.0;
Product: Shift 4g 
Product: Evo design 4g 
Product: HERO 
Product: Vivid 
Product: Evo view 4g 

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None

 References:
http://archives.neohapsis.com/archives/bugtraq/2012-04/0176.html
http://www.securityfocus.com/bid/53187
http://www.vsecurity.com/resources/advisory/20120420-1/
https://exchange.xforce.ibmcloud.com/vulnerabilities/75080

Related CVE
CVE-2018-1170
This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerabil...
CVE-2013-4622
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
CVE-2012-2980
The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coor...
CVE-2011-4872
Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtai...
CVE-2011-3975
A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain...
CVE-2008-6775
HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to cause denial of service (CPU consumption, SMS consumption, and connectivity loss) via a flood of vCards to UDP port 9204.

Copyright 2019, cxsecurity.com

 

Back to Top