5

CVE-2012-0326

The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tetsuya AoyamaTwicca Version0.7.0
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.8.8
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.4g Updaterc2
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.4g2 Updaterc2
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.13 Updaterc2
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.13a Updaterc2
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.13b-rc2
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.16
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.17b
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.20
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.20a
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.20b
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.20c
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.20e
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.26
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.26c
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.26c2
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.30
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.31
   GoogleAndroid
Tetsuya AoyamaTwicca Version0.9.31a
   GoogleAndroid
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.56% 0.72
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://jvn.jp/en/jp/JVN31860555/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024
http://osvdb.org/80106
http://twicca.r246.jp/notice/
Patch
http://www.securityfocus.com/bid/52442
https://exchange.xforce.ibmcloud.com/vulnerabilities/73951
https://play.google.com/store/apps/details?id=jp.r246.twicca
Patch
Vendor Advisory