0 Results Found
              Back To Results
                Advisories

                Audible Mobile Application Information Disclosure Vulnerability

                By: Beau Woods

                Dell SecureWorks Security Advisory SWRX-2011-004

                Advisory Information

                • Title: Audible Mobile Application Information Disclosure Vulnerability
                • Advisory ID: SWRX-2011-004
                • Date published: Friday, October 28, 2011
                • CVE: CVE-2011-4196
                • CVSS v2 Base Score: 4.7
                • Date of last update: Thursday, October 27, 2011
                • Vendors contacted: Audible, Inc.
                • Release mode: Coordinated
                • Discovered by: Beau Woods, Dell SecureWorks

                Summary

                The Audible for iPhone and iPod Touch (http://www.audible.com/wireless/iphone) and the Audible for Android (http://www.audible.com/wireless/android) applications improperly handle sensitive information. An attacker with physical or logical access to the device or to device backups could obtain the user account information, password, device ID and device serial number.

                Download the PDF

                PGP Signature (PC Users: You may need to right click your mouse and select "Save As")

                SecureWorks CTU Public Key

                 

                Related Content