JVN#89260331: sp mode mail vulnerability where Java methods may be executed

2014-03-18T00:00:00
ID JVN:89260331
Type jvn
Reporter Japan Vulnerability Notes
Modified 2014-03-18T00:00:00

Description

## Description

sp mode mail provided by NTT DOCOMO contains an issue in the processing Deco-mail emoticon POP, which may lead to the execution of arbitrary Java methods that can be executed with the privileges of sp mode mail.

## Impact

When a specially crafted email is opened, an arbitrary Java method that can be executed with the privileges of sp mode mail may be executed.

## Solution

Update the software
Update to the latest version according to the information provided by developer.

## Products Affected

  • sp mode mail rev.5900 through rev.6300 for Android 4.0.X and earlier
  • sp mode mail rev.6000 (initial version) through rev.6620 for Android 4.1 and later