Lucene search

[email protected]NVD:CVE-2012-0326

HistoryMar 17, 2012 - 10:55 a.m.

CVE-2012-0326

2012-03-1710:55:01

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

79.0%

JSON

The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.

Affected configurations

Nvd

Node

tetsuya_aoyamatwiccaMatch0.7.0

tetsuya_aoyamatwiccaMatch0.8.8

tetsuya_aoyamatwiccaMatch0.9.4grc2

tetsuya_aoyamatwiccaMatch0.9.4g2rc2

tetsuya_aoyamatwiccaMatch0.9.13rc2

tetsuya_aoyamatwiccaMatch0.9.13arc2

tetsuya_aoyamatwiccaMatch0.9.13b-rc2

tetsuya_aoyamatwiccaMatch0.9.16

tetsuya_aoyamatwiccaMatch0.9.17b

tetsuya_aoyamatwiccaMatch0.9.20

tetsuya_aoyamatwiccaMatch0.9.20a

tetsuya_aoyamatwiccaMatch0.9.20b

tetsuya_aoyamatwiccaMatch0.9.20c

tetsuya_aoyamatwiccaMatch0.9.20e

tetsuya_aoyamatwiccaMatch0.9.26

tetsuya_aoyamatwiccaMatch0.9.26c

tetsuya_aoyamatwiccaMatch0.9.26c2

tetsuya_aoyamatwiccaMatch0.9.30

tetsuya_aoyamatwiccaMatch0.9.31

tetsuya_aoyamatwiccaMatch0.9.31a

AND

googleandroid

VendorProductVersionCPE
tetsuya_aoyamatwicca0.7.0cpe:2.3:a:tetsuya_aoyama:twicca:0.7.0:*:*:*:*:*:*:*
tetsuya_aoyamatwicca0.8.8cpe:2.3:a:tetsuya_aoyama:twicca:0.8.8:*:*:*:*:*:*:*
tetsuya_aoyamatwicca0.9.4gcpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g:rc2:*:*:*:*:*:*
tetsuya_aoyamatwicca0.9.4g2cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g2:rc2:*:*:*:*:*:*
tetsuya_aoyamatwicca0.9.13cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13:rc2:*:*:*:*:*:*
tetsuya_aoyamatwicca0.9.13acpe:2.3:a:tetsuya_aoyama:twicca:0.9.13a:rc2:*:*:*:*:*:*
tetsuya_aoyamatwicca0.9.13b-rc2cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13b-rc2:*:*:*:*:*:*:*
tetsuya_aoyamatwicca0.9.16cpe:2.3:a:tetsuya_aoyama:twicca:0.9.16:*:*:*:*:*:*:*
tetsuya_aoyamatwicca0.9.17bcpe:2.3:a:tetsuya_aoyama:twicca:0.9.17b:*:*:*:*:*:*:*
tetsuya_aoyamatwicca0.9.20cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tetsuya_aoyama	twicca	0.7.0	cpe:2.3:a:tetsuya_aoyama:twicca:0.7.0:::::::*
tetsuya_aoyama	twicca	0.8.8	cpe:2.3:a:tetsuya_aoyama:twicca:0.8.8:::::::*
tetsuya_aoyama	twicca	0.9.4g	cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g:rc2::::::
tetsuya_aoyama	twicca	0.9.4g2	cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g2:rc2::::::
tetsuya_aoyama	twicca	0.9.13	cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13:rc2::::::
tetsuya_aoyama	twicca	0.9.13a	cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13a:rc2::::::
tetsuya_aoyama	twicca	0.9.13b-rc2	cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13b-rc2:::::::*
tetsuya_aoyama	twicca	0.9.16	cpe:2.3:a:tetsuya_aoyama:twicca:0.9.16:::::::*
tetsuya_aoyama	twicca	0.9.17b	cpe:2.3:a:tetsuya_aoyama:twicca:0.9.17b:::::::*
tetsuya_aoyama	twicca	0.9.20	cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20:::::::*

Rows per page:

1-10 of 211

References

jvn.jp/en/jp/JVN31860555/index.html

jvndb.jvn.jp/jvndb/JVNDB-2012-000024

osvdb.org/80106

twicca.r246.jp/notice/

www.securityfocus.com/bid/52442

exchange.xforce.ibmcloud.com/vulnerabilities/73951

play.google.com/store/apps/details?id=jp.r246.twicca

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

79.0%

JSON

Related for NVD:CVE-2012-0326

cve1 jvn1 cvelist1 prion1