Vulnerability Abstract

Title: Vulnerability in Easy Filter for Android
Time: 02 Dec 2011
Author: Daoyuan Wu*, Xiapu Luo* and Rocky K. C. Chang
Department of Computing, The Hong Kong Polytechnic University, Hong Kong
* authors with equal contributions
CVE ID: CVE-2011-4698
Category: To Be Confirmed
Related Vendor: AndroidAppTools

Application Information

Archive Time: December 2, 2011 HKT
Package Name: com.phoneblocker.android
Full Name: Easy Filter
Affected Version: 1.1 and 1.2 (the latest version in 02 Dec 2011)
Package Installs: 50,000 - 100,000
Market Link: https://market.android.com/details?id=com.phoneblocker.android
Update Log: 1.7, the latest version in Mar 12 2012 HKT, also has this vulnerability!

Vulnerability Details

Status: Breif impact description now releases to public.
Breif Description: Allow a malicious application to access and manipulate the user’s call records, sms and the blacklists set by the user.

Vendor Response

Contact Time: Dec 16, 2011 at 2:44 PM HKT
Confirm Time: No reply, although we have notified them.
Patched Time: Unknown
Patched Status: Unknown

Important Notes

Although we only mention one or several affected version in our report, other versions may also be vulnerable, e.g. lower version, pad version or paid version.

Related Vulnerabilities