CVE-2012-0326

Published Mar 17, 2012

Last updated 7 years ago

Overview

Description: The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
Source: vultures@jpcert.or.jp
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88F37994-AE64-42F2-B19F-DE81A5AD9B65"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.8.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAB554DC-480B-4300-889C-FBB3D5CC91DF"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45D1523B-2707-4C6F-A798-913765F9BEB9"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g2:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30DC3D53-6C21-4F73-9F64-0924A543DB26"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDE5CAA0-C481-4E03-AB5C-D3C1C3F1B9FA"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13a:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED34391F-1410-4A80-9968-651365B914BF"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13b-rc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A65F2485-0D35-4A3F-8CCC-31AED7DB21B3"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2419DA1-50B9-47B4-B6DE-B31DA2A96FBA"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.17b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C63ABD69-5A71-455C-B6CC-04765DA206DC"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5997AC82-BA35-4E42-A7DE-757FAD330CF6"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C321B08-AD94-4703-ADD0-ECFC13DAB3F3"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C129F6E9-54C3-44CA-AFB9-65809C0A915F"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB9A64ED-D608-4BBA-80B0-286F206D53E3"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F22A8ACE-8650-4CFB-8843-E4BF697C5418"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DE1A05D-3FFE-4D11-8EB4-8B1DB0218DA2"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.26c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93C49F29-39EB-4967-9D87-4952D5988F93"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.26c2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1655A49D-E73E-4402-8D18-3EF37728EE0E"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE5D74E8-2022-4481-A95C-1BFC1F7BC5B1"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87F430D8-66E1-4451-9591-A492D80A9BCB"
          },
          {
            "criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.31a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "672943A8-C7D5-4118-838F-CD61925D6B09"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References