Improper Implementation of WebView Class in GREE and KDDI&GREE Applications for Android

Improper Implementation of WebView Class in GREE and KDDI&GREE Applications for Android

CVE-2012-4006 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta application before 1.5.0, GREE Monpura application before 1.1.1, GREE Kaizokuoukoku Columbus application before 1.3.5, GREE haconiwa application before 1.1.0, GREE Seisen Cerberus application before 1.1.0, and KDDI&GREE GREE Market application before 2.1.2 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application.

Learn more about our Cis Benchmark Audit For Google Android.