Vulnerability Abstract

Title: Vulnerability in GO Email Widget for Android
Time: 01 Mar 2012
Author: Daoyuan Wu*, Xiapu Luo* and Rocky K. C. Chang
Department of Computing, The Hong Kong Polytechnic University, Hong Kong
* authors with equal contributions
CVE ID: CVE-2012-1394
Category: Newly Confirmed
Related Vendor: GO Launcher Dev Team

Application Information

Archive Time: Mar 1, 2012 at 11:48 PM HKT
Package Name: com.gau.go.launcherex.gowidget.emailwidget
Full Name: GO Email Widget
Affected Version: 1.3.1, 1.8 and 1.81 (the latest version in 01 Mar 2012)
Package Installs: 500,000 - 1,000,000
Market Link: https://market.android.com/details?id=com.gau.go.launcherex.gowidget.emailwidget
Update Log: 1.82, the latest version in Mar 8 2012, also has this vulnerability!

Vulnerability Details

Status: Details only release to related vendor.

Vendor Response

Contact Time: Mar 2, 2012 at 8:07 PM HKT
Confirm Time: Mar 5, 2012 at 9:55 PM HKT
Patched Time: Unknown
Patched Status: Unknown

Important Notes

Although we only mention one or several affected version in our report, other versions may also be vulnerable, e.g. lower version, pad version or paid version.

Related Vulnerabilities