CVE-2011-4872
Last modified
CVE-2011-4872 is a vulnerability of currently unknown severity. Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class.. EPSS estimates a 1.40% chance of exploitation in the next 30 days.
Description
Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Htc | Desire Hd | frg83d |
| Htc | Desire Hd | gri40 |
| Htc | Desire S | gri40 |
| Htc | Droid Incredible | frf91 |
| Htc | Evo 3d | gri40 |
| Htc | Evo 4g | gri40 |
| Htc | Glacier | frg83 |
| Htc | Sensation 4g | gri40 |
| Htc | Sensation Z710e | gri40 |
| Htc | Thunderbolt 4g | frg83d |
References
- http://secunia.com/advisories/47837Vendor Advisory
- http://www.kb.cert.org/vuls/id/763355US Government Resource
- http://secunia.com/advisories/47837Vendor Advisory
- http://www.kb.cert.org/vuls/id/763355US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-4872?
How severe is CVE-2011-4872?
How do I fix CVE-2011-4872?
Are you affected by CVE-2011-4872?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST