CVE-2012-5182

Published: Dec 26, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The Loctouch application 3.4.6 and earlier for Android does not properly handle implicit intents, which allows attackers to obtain sensitive information about logged locations via a crafted application.

Affected (1)

Products: Naver: Loctouch

Naver

1 product

Loctouch

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Naver Loctouch	Up to 3.4.6

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://jvn.jp/en/jp/JVN42625179/index.html

Source: vultures@jpcert.or.jp

http://jvndb.jvn.jp/jvndb/JVNDB-2012-000114

Source: vultures@jpcert.or.jp

https://play.google.com/store/apps/details?id=com.livedoor.android.folkat

Source: vultures@jpcert.or.jp

http://jvn.jp/en/jp/JVN42625179/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://jvndb.jvn.jp/jvndb/JVNDB-2012-000114

Source: af854a3a-2127-422b-91ae-364da2661108

https://play.google.com/store/apps/details?id=com.livedoor.android.folkat

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.