Samsung SecEmailSync CVE-2016-2565 Information Disclosure Vulnerability

Samsung SecEmailSync is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks.

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) is vulnerable.

Information

Bugtraq ID: 97658
Class: Unknown
CVE: CVE-2016-2565

Remote: Yes
Local: No
Published: Apr 13 2017 12:00AM
Updated: Apr 13 2017 12:00AM
Credit: Roberto Paleari (@rpaleari) and Aristide Fattori (@joystick).
Vulnerable: Samsung SecEmailSync SM-G920F build G920F

Not Vulnerable:

References:

• Samsung Homepage (Samsung)
  
• Exposed provider and SQLi in SecEmailSync (Github)
  

Source: www.securityfocus.com