CVE-2011-4865 : The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications

The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search keywords via a crafted application.

Published 2012-01-25 04:03:28

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2011-4865

Tencent » Wblog » Version: 3.3.1
cpe:2.3:a:tencent:wblog:3.3.1:*:*:*:*:*:*:*
Matching versions
When used together with: Google » Android
Tencent » Microblogpad » Version: 1.4.0
cpe:2.3:a:tencent:microblogpad:1.4.0:*:*:*:*:*:*:*
Matching versions
When used together with: Google » Android

Exploit prediction scoring system (EPSS) score for CVE-2011-4865

EPSS FAQ

0.24%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 45 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-4865

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:N	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

CWE ids for CVE-2011-4865

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-4865

http://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4865-vulnerability-in-WBlog-MicroBlogPad.html

Vulnerability in WBlog and MicroBlogPad (腾讯微博) for Android

Jump to

Vulnerability Details : CVE-2011-4865

Products affected by CVE-2011-4865

Exploit prediction scoring system (EPSS) score for CVE-2011-4865

CVSS scores for CVE-2011-4865

CWE ids for CVE-2011-4865

References for CVE-2011-4865