CVE-2014-0806 Information

Description

The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile Black Edition application 2.12.1 and earlier for Android provide Geolocation API data without verifying user consent which allows remote attackers to obtain sensitive location information via a web site that makes API calls.

Reference

http://jvn.jp/en/jp/JVN81637882/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000007