CVE-2012-1244

Published Apr 27, 2012

Last updated 7 years ago

CVSS info 5.8

Overview

Description: The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Source: vultures@jpcert.or.jp
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-310

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B151C86-2D0E-49C0-8C04-1FA667BBB2DE",
            "versionEndIncluding": "5400"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2546:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6D674F3-B9B0-4E04-882A-1A99E8D64BC7"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2631:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05A86980-2D42-4CDB-95F4-35ED3F1EAE75"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "607E5791-C8A5-43FC-9C95-6F1403A1C45A"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2AC61F7-11EE-4867-9817-3DAA3BC6C1F9"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F3544EA-464C-42F6-AF72-ACB58668284A"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED607719-C78B-4716-A531-20E292BCB496"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3400:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B640DDD3-50EC-4E8B-87A7-5E49837C663C"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34AD600E-05D6-4AEE-9DC8-5DCBD0172262"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA995ABD-6B2B-4808-9546-9553940A2A08"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1593F4B2-3B53-490E-8E15-84FC0514D4AB"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4400:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE566215-3A8D-4311-99D1-B6E07CE46479"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0256B6C8-E7D2-48A1-B4A8-82437D20B813"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76B81BE2-B462-48BD-8641-0E36639073F4"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4700:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC452E75-380E-41C8-9081-08DCD806EA28"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4800:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC44F338-BF16-402B-AB03-7FABE1457DC5"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4900:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0E8AC52-F7B1-4FDE-B146-1C4DACD0AB64"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BC15FCC-22F4-4BD5-8F8F-7BA73BB24531"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8967289A-8DEE-4456-A089-B3239D88C3BE"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA37E3D6-87C3-4CB2-A16F-18AB9CA9A31C"
          },
          {
            "criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42AFE304-60F2-413C-8953-A7B16DB52C01"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References