An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.
samsung notes