The CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) application 2.0.0 for Android does not properly protect data, which allows remote attackers to read or modify allow/block lists via a crafted application.Referenceshttp://www4.comp.polyu.edu.hk/~appsec/bugs/CVE-2011-4701-vulnerability-in-CallConfirm.html
