PT-2014-4399 · Ntt Docomo+1 · Sp Mode Mail+1

Satoru Takekoshi

Published

2014-03-19

Updated

2014-03-20

CVE-2014-1977

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions NTT DOCOMO sp mode mail application versions 6300 and earlier for Android 4.0.x NTT DOCOMO sp mode mail application versions 6700 and earlier for Android 4.1 through 4.4

Description The issue allows attackers to obtain sensitive information via a crafted application, due to weak permissions for attachments during the processing of incoming e-mail messages.

Recommendations For versions 6300 and earlier for Android 4.0.x, update to a version that properly secures attachments during e-mail processing. For versions 6700 and earlier for Android 4.1 through 4.4, update to a version that properly secures attachments during e-mail processing.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-1977

Affected Products

Android

Sp Mode Mail

PT-2014-4399 · Ntt Docomo+1 · Sp Mode Mail+1

CVE-2014-1977

Weakness Enumeration

Related Identifiers

Affected Products

References · 3