Vulnerability CVE-2014-1978

See in [MITRE] [NVD]

Search:
WLB2

Vulnerability CVE-2014-1978


Published: 2014-03-19   Modified: 2014-03-20

Description:
The application link interface in the NTT DOCOMO sp mode mail application 6100 through 6300 for Android 4.0.x and 6130 through 6700 for Android 4.1 through 4.4 writes message content to the SD card during e-mail composition, which allows attackers to obtain sensitive information via a crafted application.


Type:
CWE-264 (Permissions, Privileges, and Access Controls)

Vendor: Nttdocomo
Product: Spmode mail android 
Version:
6700
6300
6130
6100

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

Related CVE
[ CVE-2014-1979 ]
The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 throug...
[ CVE-2014-1977 ]
The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and ear...
[ CVE-2013-3659 ]
The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly...
[ CVE-2012-1244 ]
The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly veri...

References:
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000028
http://jvn.jp/en/jp/JVN05951929/index.html
Copyright 2014, cxsecurity.com