Unrated severityNVD Advisory· Published Aug 21, 2012· Updated Apr 29, 2026

CVE-2012-2980

Description

The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.

Affected products

Att/Status
cpe:2.3:h:att:status:-:*:*:*:*:*:*:*
Htc/Chacha
cpe:2.3:h:htc:chacha:-:*:*:*:*:*:*:*
Htc/Desire
cpe:2.3:h:htc:desire:-:*:*:*:*:*:*:*
Htc/Merge
cpe:2.3:h:htc:merge:-:*:*:*:*:*:*:*
Samsung/Galaxy S
cpe:2.3:h:samsung:galaxy_s:-:*:*:*:*:*:*:*
Sprint/Evo Shift 4g
cpe:2.3:h:sprint:evo_shift_4g:-:*:*:*:*:*:*:*
T Mobile/G2
cpe:2.3:h:t-mobile:g2:-:*:*:*:*:*:*:*
T Mobile/Mytouch 3g Slide
cpe:2.3:h:t-mobile:mytouch_3g_slide:-:*:*:*:*:*:*:*
T Mobile/Mytouch 4g Slide
cpe:2.3:h:t-mobile:mytouch_4g_slide:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/251635nvdUS Government Resource
www.htc.com/www/help/app-security-fix/nvd
www.kb.cert.org/vuls/id/MAPG-8R5LD6nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000