The Amazon Kindle Touch prior to 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote malicious users to have an unspecified impact via vectors involving the (1) dev.log, (2) lipc.set, (3) lipc.get, or (4) todo.scheduleItems method, a different vulnerability than CVE-2012-4249.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
amazon kindle touch |
||
amazon kindle touch 5.1.0 |