9.3
CVE-2012-4248
- EPSS 3.49%
- Veröffentlicht 12.08.2012 17:55:01
- Zuletzt bearbeitet 16.06.2026 23:44:42
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Amazon Kindle Touch before 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote attackers to have an unspecified impact via vectors involving the (1) dev.log, (2) lipc.set, (3) lipc.get, or (4) todo.scheduleItems method, a different vulnerability than CVE-2012-4249.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Amazon ≫ Kindle Touch Version <= 5.1.1
Amazon ≫ Kindle Touch Version5.1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.49% | 0.876 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.kb.cert.org/vuls/id/122656
http://www.kb.cert.org/vuls/id/MORO-8WKGBN
http://www.mobileread.com/forums/showthread.php?s=c7953cc553a4aaa36e880b25aa1a6bf6&t=175368