CVE-2014-0806
Sleipnir Mobile < 2.12.1 - Unauthenticated Exposure of Sensitive Location Information via Geolocation API
Title source: llmDescription
The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile Black Edition application 2.12.1 and earlier for Android provide Geolocation API data without verifying user consent, which allows remote attackers to obtain sensitive location information via a web site that makes API calls.
References (2)
Core 2
Core References
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN81637882/index.html
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000007
Scores
EPSS
0.0107
EPSS Percentile
60.7%
Details
CWE
CWE-200
Status
published
Products (23)
fenrir-inc/sleipnir_mobile
1.0.0 alpha (6 CPE variants)
fenrir-inc/sleipnir_mobile
1.1.0 (2 CPE variants)
fenrir-inc/sleipnir_mobile
1.2.0 (2 CPE variants)
fenrir-inc/sleipnir_mobile
1.3.0 (2 CPE variants)
fenrir-inc/sleipnir_mobile
1.4.0 (2 CPE variants)
fenrir-inc/sleipnir_mobile
1.5.0 (2 CPE variants)
fenrir-inc/sleipnir_mobile
1.5.1 (2 CPE variants)
fenrir-inc/sleipnir_mobile
1.6.0 (2 CPE variants)
fenrir-inc/sleipnir_mobile
1.7.0 (2 CPE variants)
fenrir-inc/sleipnir_mobile
1.7.1 (2 CPE variants)
... and 13 more
Published
Jan 22, 2014
Tracked Since
Feb 18, 2026