2.6
CVE-2013-2318
- EPSS 1.34%
- Veröffentlicht 06.06.2013 13:02:14
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginThe Content Provider in the MovatwiTouch application before 1.793 and MovatwiTouch Paid application before 1.793 for Android does not properly restrict access to authorization information, which allows attackers to hijack Twitter accounts via a crafted application.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jig ≫ Movatwitouch Update- SwPlatformandroid Version <= 1.792
Jig ≫ Movatwitouch Paid Update- SwPlatformandroid Version <= 1.792
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.34% | 0.676 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:P/I:N/A:N
|
http://jvn.jp/en/jp/JVN90289505/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000047
http://movatwitter.jugem.jp/?eid=442