PT-2012-23: SQL Injection in Dr.Web Anti-virus

Vulnerable software

Dr.Web Anti-virus
Version: 7.00.0 and earlier

Application link:

Severity level

Severity level: Medium
Impact: SQL Injection
Access Vector: Local  

CVSS v2:
Base Score: 6.6
Vector: (AV:L/AC:L/Au:N/C:C/I:N/A:C)

CVE: not assigned

Software description

Dr.Web Anti-virus is antivirus software for the Android platform.

Vulnerability description

Specialists of the Positive Research center have detected an SQL injection vulnerability in the Dr.Web Anti-virus application.

The vulnerability was detected in the com.drweb.activities.antispam.CursorActivity class of the Dr.Web Anti-virus application for the Android platform. An attacker can obtain the history of calls or SMS messages via third-party applications installed on the system.

How to fix

Update your software to the latest version.

Advisory status

11.07.2012 - Vendor is notified
11.07.2012 - Vendor gets vulnerability details
13.07.2012 - Vendor releases fixed version and details
17.07.2012 - Public disclosure


The vulnerability was discovered by Artem Chaykin, Positive Research Center (Positive Technologies Company)

