Dell SecureWorks Security Advisory SWRX-2011-004

Advisory Information

  • Title: Audible Mobile Application Information Disclosure Vulnerability
  • Advisory ID: SWRX-2011-004
  • Date published: Friday, October 28, 2011
  • CVE: CVE-2011-4196
  • CVSS v2 Base Score: 4.7
  • Date of last update: Thursday, October 27, 2011
  • Vendors contacted: Audible, Inc.
  • Release mode: Coordinated
  • Discovered by: Beau Woods, Dell SecureWorks


The Audible for iPhone and iPod Touch ( and the Audible for Android ( applications improperly handle sensitive information. An attacker with physical or logical access to the device or to device backups could obtain the user account information, password, device ID and device serial number.

Download the PDF

PGP Signature (PC Users: You may need to right click your mouse and select "Save As")

SecureWorks CTU Public Key