The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://jvn.jp/en/jp/JVN31860555/index.html - | |
References | () http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024 - | |
References | () http://osvdb.org/80106 - | |
References | () http://twicca.r246.jp/notice/ - Patch | |
References | () http://www.securityfocus.com/bid/52442 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/73951 - | |
References | () https://play.google.com/store/apps/details?id=jp.r246.twicca - Patch, Vendor Advisory |
Information
Published : 2012-03-17 10:55
Updated : 2024-11-21 01:34
NVD link : CVE-2012-0326
Mitre link : CVE-2012-0326
CVE.ORG link : CVE-2012-0326
JSON object : View
Products Affected
- android
tetsuya_aoyama
- twicca
CWE
CWE-264
Permissions, Privileges, and Access Controls