VYPR
← All advisories
Unrated severityNVD Advisory· Published May 1, 2012· Updated Apr 29, 2026

CVE-2012-2217

CVE-2012-2217

Description

The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, EVO Design 4G before 2.12.651.5, Shift 4G before 2.77.651.3, EVO 3D before 2.17.651.5, EVO View 4G before 2.23.651.1, Vivid before 3.26.502.56, and Hero does not restrict localhost access to TCP port 2479, which allows remote attackers to (1) send SMS messages, (2) obtain the Network Access Identifier (NAI) and its password, or trigger (3) popup messages or (4) tones via a crafted application that leverages the android.permission.INTERNET permission.

Affected products

39
  • Htc/Evo 4g Software11 versions
    cpe:2.3:a:htc:evo_4g_software:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:htc:evo_4g_software:*:*:*:*:*:*:*:*range: <=4.54.651.1
    • cpe:2.3:a:htc:evo_4g_software:1.32.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:1.47.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.26.651.6:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.29.651.5:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.30.651.2:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.30.651.3:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.70.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:4.22.651.2:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:4.24.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:4.53.651.1:*:*:*:*:*:*:*
  • Htc/Evo 4g2 versions
    cpe:2.3:h:htc:evo_4g:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:htc:evo_4g:-:*:*:*:*:*:*:*
    • cpe:2.3:h:htc:evo_4g:gri40:*:*:*:*:*:*:*
  • Htc/Evo Design 4g Software2 versions
    cpe:2.3:a:htc:evo_design_4g_software:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:htc:evo_design_4g_software:*:*:*:*:*:*:*:*range: <=1.19.651.1
    • cpe:2.3:a:htc:evo_design_4g_software:1.19.651.0:*:*:*:*:*:*:*
  • Htc/Evo Design 4g
    cpe:2.3:h:htc:evo_design_4g:-:*:*:*:*:*:*:*
  • Htc/Shift 4g Software4 versions
    cpe:2.3:a:htc:shift_4g_software:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:htc:shift_4g_software:*:*:*:*:*:*:*:*range: <=2.76.651.6
    • cpe:2.3:a:htc:shift_4g_software:1.17.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:shift_4g_software:2.75.651.4:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:shift_4g_software:2.75.651.5:*:*:*:*:*:*:*
  • Htc/Shift 4g
    cpe:2.3:h:htc:shift_4g:-:*:*:*:*:*:*:*
  • Htc/Evo 3d Software4 versions
    cpe:2.3:a:htc:evo_3d_software:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:htc:evo_3d_software:*:*:*:*:*:*:*:*range: <=2.08.651.3
    • cpe:2.3:a:htc:evo_3d_software:1.11.651.3:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_3d_software:1.13.651.7:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_3d_software:2.08.651.2:*:*:*:*:*:*:*
  • Htc/Evo 3d2 versions
    cpe:2.3:h:htc:evo_3d:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:htc:evo_3d:*:*:*:*:*:*:*:*
    • cpe:2.3:h:htc:evo_3d:gri40:*:*:*:*:*:*:*
  • Htc/Evo View 4g Software2 versions
    cpe:2.3:a:htc:evo_view_4g_software:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:htc:evo_view_4g_software:*:*:*:*:*:*:*:*range: <=1.22.651.2
    • cpe:2.3:a:htc:evo_view_4g_software:1.22.651.1:*:*:*:*:*:*:*
  • Htc/Evo View 4g
    cpe:2.3:h:htc:evo_view_4g:-:*:*:*:*:*:*:*
  • Htc/Vivid Software
    cpe:2.3:a:htc:vivid_software:*:*:*:*:*:*:*:*
    Range: <=3.26.502
  • Htc/Vivid
    cpe:2.3:h:htc:vivid:-:*:*:*:*:*:*:*
  • Htc/Hero Software6 versions
    cpe:2.3:a:htc:hero_software:1.29.651.1:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:htc:hero_software:1.29.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:1.56.651.2:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:2.27.651.5:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:2.27.651.6:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:2.31.651.7:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:2.32.651.2:*:*:*:*:*:*:*
  • Htc/Hero
    cpe:2.3:h:htc:hero:-:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.