CVE-2012-1244

2012-04-2718:00:00

jpcert

www.cve.org

AI Score

5.9

Confidence

Low

EPSS

0.001

Percentile

41.0%

JSON

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

References

jvn.jp/en/jp/JVN82029095/index.html

jvndb.jvn.jp/jvndb/JVNDB-2012-000037

osvdb.org/81629

secunia.com/advisories/48955

www.securityfocus.com/bid/53254

exchange.xforce.ibmcloud.com/vulnerabilities/75159