Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 05/02/2012 Updated: 16/02/2012

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 232

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote malicious users to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class.

Vulnerable Product	Search on Vulmon	Subscribe to Product
htc glacier frg83
htc droid incredible frf91
htc thunderbolt 4g frg83d
htc sensation 4g gri40
htc desire hd frg83d
htc evo 3d gri40
htc sensation z710e gri40
htc desire hd gri40
htc desire s gri40
htc evo 4g gri40

CWE-200 http://www.securityfocus.com/bid/51790 http://secunia.com/advisories/47837 http://blog.mywarwithentropy.com/2012/02/8021x-password-exploit-on-many-htc.html http://archives.neohapsis.com/archives/bugtraq/2012-02/0002.html http://www.kb.cert.org/vuls/id/763355 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/763355

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-4872

Vulnerability Summary

References

Vulmon Search

About

Products

Connect