0 Results Found
            Back To Results
              Advisory

              Audible Mobile Application Information Disclosure Vulnerability

              Dell SecureWorks Security Advisory SWRX-2011-004

              Advisory Information

              • Title: Audible Mobile Application Information Disclosure Vulnerability
              • Advisory ID: SWRX-2011-004
              • Date published: Friday, October 28, 2011
              • CVE: CVE-2011-4196
              • CVSS v2 Base Score: 4.7
              • Date of last update: Thursday, October 27, 2011
              • Vendors contacted: Audible, Inc.
              • Release mode: Coordinated
              • Discovered by: Beau Woods, Dell SecureWorks

              Summary

              The Audible for iPhone and iPod Touch (http://www.audible.com/wireless/iphone) and the Audible for Android (http://www.audible.com/wireless/android) applications improperly handle sensitive information. An attacker with physical or logical access to the device or to device backups could obtain the user account information, password, device ID and device serial number.

              Download the PDF

              PGP Signature (PC Users: You may need to right click your mouse and select "Save As")

              SecureWorks CTU Public Key

               

              Related Content