Localhost Access Issue in HTC Android Devices
CVE-2012-2217

Currently unrated

Key Information:

Vendor

Htc

Status
Evo 4g Software
Evo 4g
Vendor
CVE Published:
1 May 2012

What is CVE-2012-2217?

The HTC IQRD service on various HTC Android devices fails to restrict localhost access to TCP port 2479. This vulnerability allows remote attackers to exploit the system by sending SMS messages, extracting the Network Access Identifier (NAI) along with its password, or triggering unwanted popup messages and tones through a malicious application that uses the android.permission.INTERNET permission.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/53187
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/75080
vdb-entryx_refsource_XF
http://archives.neohapsis.com/archives/bugtraq/2012-04/01...
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.