Arbitrary Java Method Execution and Command Injection Vulnerability in Cybozu Live Application for Android

Arbitrary Java Method Execution and Command Injection Vulnerability in Cybozu Live Application for Android

CVE-2013-3646 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site. NOTE: this vulnerability exists because of a CVE-2012-4008 regression.

Learn more about our Cis Benchmark Audit For Google Android.