Lucene search
Japan Vulnerability NotesJVN:31860555HistoryMar 13, 2012 - 12:00 a.m.
JVN#31860555: twicca fails to restrict access permissions
2012-03-1300:00:00
Japan Vulnerability Notes
jvn.jp
16
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.006
Percentile
79.0%
twicca is a client software for using Twitter. twicca contains an issue where access permissions are not restricted.
Impact
Android applications without permissions for network access may upload image files with the privileges of twicca.
Solution
Update the Software
Apply the latest update for each application according to the information provided by the developer.
Products Affected
- twicca versions 0.7.0 through 0.9.30
Related
nvd
nvd
CVE-2012-0326
2012-03-17 10:55:01
cve
cve
CVE-2012-0326
2012-03-17 10:55:01
cvelist
cvelist
CVE-2012-0326
2012-03-17 10:00:00
prion
prion
Code injection
2012-03-17 10:55:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.006
Percentile
79.0%
Related for JVN:31860555