CVE-2012-4248
First published: Sun Aug 12 2012(Updated: )
The Amazon Kindle Touch before 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote attackers to have an unspecified impact via vectors involving the (1) dev.log, (2) lipc.set, (3) lipc.get, or (4) todo.scheduleItems method, a different vulnerability than CVE-2012-4249.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Amazon Kindle Touch | <=5.1.1 | |
| Amazon Kindle Touch | =5.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/amazon
- canonical/amazon kindle touch
- version/amazon kindle touch/5.1.1
- version/amazon kindle touch/5.1.0