VYPR
Unrated severityNVD Advisory· Published May 1, 2012· Updated Jun 16, 2026

CVE-2012-2217

CVE-2012-2217

Description

The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, EVO Design 4G before 2.12.651.5, Shift 4G before 2.77.651.3, EVO 3D before 2.17.651.5, EVO View 4G before 2.23.651.1, Vivid before 3.26.502.56, and Hero does not restrict localhost access to TCP port 2479, which allows remote attackers to (1) send SMS messages, (2) obtain the Network Access Identifier (NAI) and its password, or trigger (3) popup messages or (4) tones via a crafted application that leverages the android.permission.INTERNET permission.

Affected products

40
  • cpe:2.3:a:htc:evo_3d_software:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:htc:evo_3d_software:*:*:*:*:*:*:*:*range: <=2.08.651.3
    • cpe:2.3:a:htc:evo_3d_software:1.11.651.3:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_3d_software:1.13.651.7:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_3d_software:2.08.651.2:*:*:*:*:*:*:*
  • Htc/Evo View 4g14 versions
    cpe:2.3:a:htc:evo_4g_software:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:htc:evo_4g_software:*:*:*:*:*:*:*:*range: <=4.54.651.1
    • cpe:2.3:a:htc:evo_4g_software:1.32.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:1.47.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.26.651.6:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.29.651.5:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.30.651.2:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.30.651.3:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:3.70.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:4.22.651.2:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:4.24.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_4g_software:4.53.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:evo_view_4g_software:*:*:*:*:*:*:*:*range: <=1.22.651.2
    • cpe:2.3:a:htc:evo_view_4g_software:1.22.651.1:*:*:*:*:*:*:*
    • cpe:2.3:h:htc:evo_view_4g:-:*:*:*:*:*:*:*
  • Htc/Evo Design 4g3 versions
    cpe:2.3:a:htc:evo_design_4g_software:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:htc:evo_design_4g_software:*:*:*:*:*:*:*:*range: <=1.19.651.1
    • cpe:2.3:a:htc:evo_design_4g_software:1.19.651.0:*:*:*:*:*:*:*
    • cpe:2.3:h:htc:evo_design_4g:-:*:*:*:*:*:*:*
  • Htc/Hero Software6 versions
    cpe:2.3:a:htc:hero_software:1.29.651.1:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:htc:hero_software:1.29.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:1.56.651.2:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:2.27.651.5:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:2.27.651.6:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:2.31.651.7:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:hero_software:2.32.651.2:*:*:*:*:*:*:*
  • Htc/Shift 4g5 versions
    cpe:2.3:a:htc:shift_4g_software:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:htc:shift_4g_software:*:*:*:*:*:*:*:*range: <=2.76.651.6
    • cpe:2.3:a:htc:shift_4g_software:1.17.651.1:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:shift_4g_software:2.75.651.4:*:*:*:*:*:*:*
    • cpe:2.3:a:htc:shift_4g_software:2.75.651.5:*:*:*:*:*:*:*
    • cpe:2.3:h:htc:shift_4g:-:*:*:*:*:*:*:*
  • cpe:2.3:a:htc:vivid_software:*:*:*:*:*:*:*:*
    Range: <=3.26.502
  • Htc/Evo 3d2 versions
    cpe:2.3:h:htc:evo_3d:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:htc:evo_3d:*:*:*:*:*:*:*:*
    • cpe:2.3:h:htc:evo_3d:gri40:*:*:*:*:*:*:*
  • Htc/Evo 4g2 versions
    cpe:2.3:h:htc:evo_4g:-:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:h:htc:evo_4g:-:*:*:*:*:*:*:*
    • cpe:2.3:h:htc:evo_4g:gri40:*:*:*:*:*:*:*
  • cpe:2.3:h:htc:hero:-:*:*:*:*:*:*:*
  • cpe:2.3:h:htc:vivid:-:*:*:*:*:*:*:*
  • Htc/IQRD servicellm-create

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.