ByteOS Network

Vulnerability Details :

CVE-2012-5183

Assigner-jpcert

Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce

Published At-26 Dec, 2012 | 17:00

Updated At-17 Sep, 2024 | 03:37

The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive information about logged locations via a crafted application that leverages read permission for system log files.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:jpcert

Assigner Org ID:ede6fdc4-6654-4307-a26d-3331c018e2ce

Published At:26 Dec, 2012 | 17:00

Updated At:17 Sep, 2024 | 03:37

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://jvn.jp/en/jp/JVN33159152/index.html	third-party-advisory x_refsource_JVN
https://play.google.com/store/apps/details?id=com.livedoor.android.folkat	x_refsource_MISC
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000115	third-party-advisory x_refsource_JVNDB

Hyperlink: http://jvn.jp/en/jp/JVN33159152/index.html

Resource:

third-party-advisory

x_refsource_JVN

Hyperlink: https://play.google.com/store/apps/details?id=com.livedoor.android.folkat

Resource:

x_refsource_MISC

Hyperlink: http://jvndb.jvn.jp/jvndb/JVNDB-2012-000115

Resource:

third-party-advisory

x_refsource_JVNDB

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://jvn.jp/en/jp/JVN33159152/index.html	third-party-advisory x_refsource_JVN x_transferred
https://play.google.com/store/apps/details?id=com.livedoor.android.folkat	x_refsource_MISC x_transferred
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000115	third-party-advisory x_refsource_JVNDB x_transferred

Hyperlink: http://jvn.jp/en/jp/JVN33159152/index.html

Resource:

third-party-advisory

x_refsource_JVN

x_transferred

Hyperlink: https://play.google.com/store/apps/details?id=com.livedoor.android.folkat

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://jvndb.jvn.jp/jvndb/JVNDB-2012-000115

Resource:

third-party-advisory

x_refsource_JVNDB

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:vultures@jpcert.or.jp

Published At:26 Dec, 2012 | 17:55

Updated At:11 Apr, 2025 | 00:51

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	2.6	LOW	AV:N/AC:H/Au:N/C:P/I:N/A:N
Primary	2.0	2.6	LOW	AV:N/AC:H/Au:N/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 2.6

Base severity: LOW

Vector:

AV:N/AC:H/Au:N/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 2.6

Base severity: LOW

Vector:

AV:N/AC:H/Au:N/C:P/I:N/A:N

CPE Matches

naver>>loctouch>>Versions up to 3.4.6(inclusive)

cpe:2.3:a:naver:loctouch:*:-:*:*:*:android:*:*

Weaknesses

CWE ID	Type	Source
CWE-200	Primary	nvd@nist.gov

CWE ID: CWE-200

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://jvn.jp/en/jp/JVN33159152/index.html	vultures@jpcert.or.jp	N/A
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000115	vultures@jpcert.or.jp	N/A
https://play.google.com/store/apps/details?id=com.livedoor.android.folkat	vultures@jpcert.or.jp	N/A
http://jvn.jp/en/jp/JVN33159152/index.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000115	af854a3a-2127-422b-91ae-364da2661108	N/A
https://play.google.com/store/apps/details?id=com.livedoor.android.folkat	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: http://jvn.jp/en/jp/JVN33159152/index.html

Source: vultures@jpcert.or.jp

Resource: N/A

Hyperlink: http://jvndb.jvn.jp/jvndb/JVNDB-2012-000115

Source: vultures@jpcert.or.jp

Resource: N/A

Hyperlink: https://play.google.com/store/apps/details?id=com.livedoor.android.folkat

Source: vultures@jpcert.or.jp

Resource: N/A

Hyperlink: http://jvn.jp/en/jp/JVN33159152/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: http://jvndb.jvn.jp/jvndb/JVNDB-2012-000115

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: https://play.google.com/store/apps/details?id=com.livedoor.android.folkat

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Similar CVEs

153Records found

CVE-2017-0586

Matching Score-4

Assigner-Android (associated with Google Inc. or Open Handset Alliance)

View Details

Matching Score-4

Assigner-Android (associated with Google Inc. or Open Handset Alliance)

CVSS Score-4.7||MEDIUM

EPSS-0.22% / 44.84%

7 Day CHG~0.00%

Published-07 Apr, 2017 | 22:00

Updated-20 Apr, 2025 | 01:37

An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33649808. References: QC-CR#1097569.

Vendor-Google LLC Linux Kernel Organization, Inc

Product-linux_kernel Android

CWE ID-CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CVE-2016-10294

Matching Score-4

Assigner-Android (associated with Google Inc. or Open Handset Alliance)

View Details

Matching Score-4

Assigner-Android (associated with Google Inc. or Open Handset Alliance)

CVSS Score-4.7||MEDIUM

EPSS-0.18% / 39.34%

7 Day CHG~0.00%

Published-12 May, 2017 | 15:00

Updated-20 Apr, 2025 | 01:37

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33621829. References: QC-CR#1105481.

Vendor-Google LLC Linux Kernel Organization, Inc

Product-linux_kernel Android

CWE ID-CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CVE-2016-0701

Matching Score-4

Assigner-Red Hat, Inc.

View Details

Matching Score-4

Assigner-Red Hat, Inc.

CVSS Score-3.7||LOW

EPSS-23.87% / 95.80%

7 Day CHG~0.00%

Published-15 Feb, 2016 | 00:00

Updated-12 Apr, 2025 | 10:46

The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.

Vendor-n/a OpenSSL

Product-openssl n/a

CWE ID-CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CVE-2012-5183

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs