PT-2012-3166 · Lunascape · Lunascape
Gaku Mochizuki
·
Published
2012-05-21
·
Updated
2013-01-04
·
CVE-2012-1249
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
iLunascape versions 1.0.4.0 and earlier
Description
The issue concerns the improper implementation of the WebView class in the iLunascape application, allowing remote attackers to obtain sensitive stored information via a crafted application.
Recommendations
For versions 1.0.4.0 and earlier, consider disabling the WebView class functionality until a proper fix is implemented to prevent potential exploitation.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lunascape