[Japanese]

JVNDB-2012-000085

KUNAI Browser for Remote Service beta vulnerable in the WebView class

Overview

KUNAI Browser for Remote Service beta contains a vulnerability in the WebView class.

KUNAI Browser for Remote Service beta is an Android browser software for using Cybozu. KUNAI Browser for Remote Service beta contains a vulnerability in the WebView class.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
Affected Products


Cybozu, Inc.
  • KUNAI Browser for Remote Service beta

Impact

When there is a malicious file in the user's Android device, clicking a file:// hyperlink may lead to the malicious file being opened and information managed by the product may be disclosed.
Solution

[Do not use KUNAI Browser for Remote Service beta]
Please stop use of KUNAI Browser for Remote Service beta according to the information provided by the developer.
The developer has stopped distributing the product.
Vendor Information

Cybozu, Inc.
CWE (What is CWE?)

  1. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2012-4013
References

  1. JVN : JVN#03015214
  2. National Vulnerability Database (NVD) : CVE-2012-4013
Revision History

  • [2012/09/13]
      Web page was published

Date Public2012/09/13
Date First Published2012/09/13
Date Last Updated2012/09/13