CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
79.0%
The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
Vendor | Product | Version | CPE |
---|---|---|---|
tetsuya_aoyama | twicca | 0.7.0 | cpe:2.3:a:tetsuya_aoyama:twicca:0.7.0:*:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.8.8 | cpe:2.3:a:tetsuya_aoyama:twicca:0.8.8:*:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.9.4g | cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g:rc2:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.9.4g2 | cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g2:rc2:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.9.13 | cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13:rc2:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.9.13a | cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13a:rc2:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.9.13b-rc2 | cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13b-rc2:*:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.9.16 | cpe:2.3:a:tetsuya_aoyama:twicca:0.9.16:*:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.9.17b | cpe:2.3:a:tetsuya_aoyama:twicca:0.9.17b:*:*:*:*:*:*:* |
tetsuya_aoyama | twicca | 0.9.20 | cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20:*:*:*:*:*:*:* |