The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
References
Configurations
Information
Published : 2012-09-08 03:28
Updated : 2012-09-16 21:00
NVD link : CVE-2012-4011
Mitre link : CVE-2012-4011
JSON object : View
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Products Affected
cybozu
- kunai