CVE-2012-4012

The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL.

Date published : 2012-09-08

http://cs.cybozu.co.jp/information/20120910up02.php

http://jvn.jp/en/jp/JVN59652356/index.html