Arbitrary Code Execution and Information Disclosure in Cybozu KUNAI Android Application

Arbitrary Code Execution and Information Disclosure in Cybozu KUNAI Android Application

CVE-2012-4011 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.

Learn more about our Cis Benchmark Audit For Google Android.