Information Disclosure Vulnerability in Yahoo! Browser for Android by Yahoo! Japan
CVE-2012-2645

Currently unrated

Key Information:

Vendor: Yahoo
Status: Yahoo\! Browser
Vendor: CVE Published:; 16 July 2012

What is CVE-2012-2645?

The Yahoo! Browser application for Android, version 1.2.0 and earlier, suffers from a vulnerability that arises from improper implementation of the WebView class. This flaw may enable attackers to exploit crafted applications, allowing them to retrieve sensitive user information. Users of the affected versions are urged to update their applications promptly to mitigate potential risks.

References

http://secunia.com/advisories/49905

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/54488

vdb-entryx_refsource_BID

http://jvndb.jvn.jp/jvndb/JVNDB-2012-000070

third-party-advisoryx_refsource_JVNDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 16, 2012
Vulnerability Reserved
May 14, 2012

CVE-2012-2645 Data

JSON