Vulnerability Details : CVE-2012-0316
The Cookpad 1.5.16 and earlier and Cookpad Noseru 1.1.1 and earlier applications for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2012-0316
Probability of exploitation activity in the next 30 days: 0.45%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 72 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-0316
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2012-0316
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-0316
-
http://jvn.jp/en/jp/JVN25731073/index.html
JVN#25731073: Multiple COOKPAD applications for Android vulnerable in WebView class
-
http://www.securityfocus.com/bid/52189
Cookpad and Cookpad Noseru for Android 'WebView' Class Information Disclosure Vulnerability
-
http://secunia.com/advisories/48065
Sign in
-
http://cookpad.typepad.jp/help/2012/02/23oshirase.html
Vendor Advisory
-
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000014
JVNDB-2012-000014 - JVN iPedia - 脆弱性対策情報データベース
Products affected by CVE-2012-0316
- cpe:2.3:a:cookpad:android_activities:*:*:*:*:*:*:*:*
- cpe:2.3:a:cookpad:android_mykitchen:*:*:*:*:*:*:*:*