CVE-2012-5697

Name of the Vulnerable Software and Affected Versions Bulb Security Smartphone Pentest Framework (SPF) versions prior to 0.1.3

Description The issue concerns the btinstall installation script in the framework, which sets weak permissions for files in a specific directory. This allows local users to access sensitive information or inject arbitrary Perl code.

Recommendations For versions prior to 0.1.3, update to version 0.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the frameworkgui/ directory to minimize the risk of exploitation.