Access Control Vulnerabilities in Amazon Kindle Touch
CVE-2012-4248

Currently unrated

Key Information:

Vendor

Amazon

Status
Kindle Touch
Vendor
CVE Published:
12 August 2012

What is CVE-2012-4248?

The Amazon Kindle Touch prior to version 5.1.2 contains an access control vulnerability in the libkindleplugin.so NPAPI plugin interface. This flaw can potentially allow remote attackers to exploit several methods, including dev.log, lipc.set, lipc.get, and todo.scheduleItems, to perform unauthorized actions that could impact system integrity and data confidentiality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.mobileread.com/forums/showthread.php?s=c7953cc...
x_refsource_MISC
http://www.kb.cert.org/vuls/id/122656
third-party-advisoryx_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/MORO-8WKGBN
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.