CVE-2012-1249 Information

Description

The iLunascape application 1.0.4.0 and earlier for Android does not properly implement the WebView class which allows remote attackers to obtain sensitive stored information via a crafted application.

Reference

http://jvn.jp/en/jp/JVN86044443/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000044 http://osvdb.org/82035 http://secunia.com/advisories/49253 http://www.securityfocus.com/bid/53619 https://play.google.com/store/apps/details?id=jp.co.lunascape.android.ilunascape