CVE-2012-2980

The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:h:htc:merge:-:*:*:*:*:*:*:*
cpe:2.3:h:sprint:evo_shift_4g:-:*:*:*:*:*:*:*
cpe:2.3:h:htc:chacha:-:*:*:*:*:*:*:*
cpe:2.3:h:att:status:-:*:*:*:*:*:*:*
cpe:2.3:h:t-mobile:g2:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:galaxy_s:-:*:*:*:*:*:*:*
cpe:2.3:h:t-mobile:mytouch_3g_slide:-:*:*:*:*:*:*:*
cpe:2.3:h:htc:desire:-:*:*:*:*:*:*:*
cpe:2.3:h:t-mobile:mytouch_4g_slide:-:*:*:*:*:*:*:*

Information

Published : 2012-08-21 03:46

Updated : 2012-08-21 03:46


NVD link : CVE-2012-2980

Mitre link : CVE-2012-2980


JSON object : View

CWE
CWE-255

Credentials Management Errors

Advertisement

dedicated server usa

Products Affected

htc

  • merge
  • chacha
  • desire

t-mobile

  • mytouch_4g_slide
  • g2
  • mytouch_3g_slide

sprint

  • evo_shift_4g

att

  • status

samsung

  • galaxy_s