cvelistv5 - CVE-2013-2301

CVE-2013-2301 (GCVE-0-2013-2301)

Vulnerability from cvelistv5

Published

2013-03-29 10:00

Modified

2024-09-16 23:31

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

gsd-2013-2301

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2013-2301

Aliases

CVE-2013-2301

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-2301",
    "description": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.",
    "id": "GSD-2013-2301"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-2301"
      ],
      "details": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.",
      "id": "GSD-2013-2301",
      "modified": "2023-12-13T01:22:17.887347Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2013-2301",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt",
            "refsource": "CONFIRM",
            "url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
          },
          {
            "name": "JVN#01167429",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN01167429/index.html"
          },
          {
            "name": "JVNDB-2013-000025",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
          },
          {
            "name": "http://jvn.jp/en/jp/JVN01167429/995309/index.html",
            "refsource": "CONFIRM",
            "url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:1.2:-:*:*:*:android:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:1.1:-:*:*:*:android:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:1.0:-:*:*:*:android:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:*:-:*:*:*:android:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.3.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3.4:-:*:*:*:android:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3.2:-:*:*:*:android:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3:-:*:*:*:android:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3.3:-:*:*:*:android:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3.1:-:*:*:*:android:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2013-2301"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVN#01167429",
              "refsource": "JVN",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN01167429/index.html"
            },
            {
              "name": "http://jvn.jp/en/jp/JVN01167429/995309/index.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
            },
            {
              "name": "JVNDB-2013-000025",
              "refsource": "JVNDB",
              "tags": [],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
            },
            {
              "name": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-03-29T16:09Z",
      "publishedDate": "2013-03-29T16:09Z"
    }
  }
}

ghsa-vvpg-cfgg-r45q

Vulnerability from github

Published

2022-05-17 05:12

Modified

2022-05-17 05:12

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-2301"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-03-29T16:09:00Z",
    "severity": "MODERATE"
  },
  "details": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.",
  "id": "GHSA-vvpg-cfgg-r45q",
  "modified": "2022-05-17T05:12:30Z",
  "published": "2022-05-17T05:12:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2301"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN01167429/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. OpenWnn for Android contains an issue in the access permissions for certain files. OpenWnn provided by OMRON SOFTWARE Co., Ltd. is a Japanese Input Method Editor (IME). OpenWnn for Android contains an issue in the access permissions for certain files. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. OpenWnn for Android is prone to an information-disclosure vulnerability. Successful exploits allow an attacker to gain access to sensitive information. Information obtained may aid in further attacks. OpenWnn for Android 1.3.5 and prior are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201303-0180",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "omron",
        "version": "1.0"
      },
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "omron",
        "version": "1.3.1"
      },
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "omron",
        "version": "1.1"
      },
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "omron",
        "version": "1.2"
      },
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "omron",
        "version": "1.3.3"
      },
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "omron",
        "version": "1.3.2"
      },
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "omron",
        "version": "1.3"
      },
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "omron",
        "version": "1.3.4"
      },
      {
        "model": "openwnn",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "omron",
        "version": "1.3.5"
      },
      {
        "model": "openwnn for android",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "omron",
        "version": "1.3.5"
      },
      {
        "model": "android omron openwnn",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "omron",
        "version": "\u003c=1.3.6"
      },
      {
        "model": "openwnn",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "omron",
        "version": "1.3.5"
      },
      {
        "model": "software openwnn for android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "omron",
        "version": "1.3.5"
      },
      {
        "model": "software openwnn for android",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "omron",
        "version": "1.3.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "1.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "1.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "1.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "1.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "1.3.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "1.3.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "1.3.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "1.3.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "openwnn",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "05162674-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "db": "BID",
        "id": "58784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2301"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:omron_2:openwnn",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gaku Mochizuki of Mitsui Bussan Secure Directions",
    "sources": [
      {
        "db": "BID",
        "id": "58784"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-2301",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-2301",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 2.6,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2013-000025",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2013-02534",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.9,
            "id": "05162674-2353-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.2,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-62303",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-2301",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2013-000025",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02534",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201303-599",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "05162674-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-62303",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "05162674-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62303"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2301"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. OpenWnn for Android contains an issue in the access permissions for certain files. OpenWnn provided by OMRON SOFTWARE Co., Ltd. is a Japanese Input Method Editor (IME). OpenWnn for Android contains an issue in the access permissions for certain files. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. OpenWnn for Android is prone to an information-disclosure vulnerability. \nSuccessful exploits allow an attacker to gain access to sensitive  information.  Information obtained may aid in further attacks. \nOpenWnn for Android 1.3.5 and prior are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-2301"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "db": "BID",
        "id": "58784"
      },
      {
        "db": "IVD",
        "id": "05162674-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62303"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-2301",
        "trust": 3.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025",
        "trust": 3.1
      },
      {
        "db": "JVN",
        "id": "JVN01167429",
        "trust": 2.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-599",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVN#01167429",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "58784",
        "trust": 0.4
      },
      {
        "db": "IVD",
        "id": "05162674-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-62303",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "05162674-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62303"
      },
      {
        "db": "BID",
        "id": "58784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2301"
      }
    ]
  },
  "id": "VAR-201303-0180",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "05162674-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62303"
      }
    ],
    "trust": 1.9
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "05162674-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      }
    ]
  },
  "last_update_date": "2024-11-23T23:05:54.315000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "OMRON SOFTWARE Co., Ltd. website",
        "trust": 0.8,
        "url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
      },
      {
        "title": "Android OMRON OpenWnn file permission setting vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33099"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-62303"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2301"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://jvn.jp/en/jp/jvn01167429/index.html"
      },
      {
        "trust": 2.0,
        "url": "https://android.googlesource.com/platform/packages/inputmethods/openwnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/changelog.txt"
      },
      {
        "trust": 1.7,
        "url": "http://jvn.jp/en/jp/jvn01167429/995309/index.html"
      },
      {
        "trust": 1.7,
        "url": "http://jvndb.jvn.jp/jvndb/jvndb-2013-000025"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2301"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2301"
      },
      {
        "trust": 0.6,
        "url": "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000025.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62303"
      },
      {
        "db": "BID",
        "id": "58784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2301"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "05162674-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62303"
      },
      {
        "db": "BID",
        "id": "58784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2301"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-02T00:00:00",
        "db": "IVD",
        "id": "05162674-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-04-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-62303"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "BID",
        "id": "58784"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      },
      {
        "date": "2013-03-29T16:09:05.990000",
        "db": "NVD",
        "id": "CVE-2013-2301"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02534"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-62303"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "BID",
        "id": "58784"
      },
      {
        "date": "2013-03-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      },
      {
        "date": "2013-04-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      },
      {
        "date": "2024-11-21T01:51:25.590000",
        "db": "NVD",
        "id": "CVE-2013-2301"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "OpenWnn for Android vulnerable to information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-000025"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201303-599"
      }
    ],
    "trust": 0.6
  }
}

CVE-2013-2301

Vulnerability from jvndb

Published

2013-03-29 13:58

Modified

2013-03-29 13:58

Severity ?

() - -

Summary

OpenWnn for Android vulnerable to information disclosure

Details

OpenWnn for Android contains an issue in the access permissions for certain files. OpenWnn provided by OMRON SOFTWARE Co., Ltd. is a Japanese Input Method Editor (IME). OpenWnn for Android contains an issue in the access permissions for certain files. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN01167429/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2301
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2301
	Permissions(CWE-264)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

OMRON Corporation

OpenWnn for Android

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000025.html",
  "dc:date": "2013-03-29T13:58+09:00",
  "dcterms:issued": "2013-03-29T13:58+09:00",
  "dcterms:modified": "2013-03-29T13:58+09:00",
  "description": "OpenWnn for Android contains an issue in the access permissions for certain files.\r\n\r\nOpenWnn provided by OMRON SOFTWARE Co., Ltd. is a Japanese Input Method Editor (IME). OpenWnn for Android contains an issue in the access permissions for certain files.\r\n\r\nGaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000025.html",
  "sec:cpe": {
    "#text": "cpe:/a:omron_2:openwnn",
    "@product": "OpenWnn for Android",
    "@vendor": "OMRON Corporation",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "2.6",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2013-000025",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN01167429/index.html",
      "@id": "JVN#01167429",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2301",
      "@id": "CVE-2013-2301",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2301",
      "@id": "CVE-2013-2301",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-264",
      "@title": "Permissions(CWE-264)"
    }
  ],
  "title": "OpenWnn for Android vulnerable to information disclosure"
}

fkie_cve-2013-2301

Vulnerability from fkie_nvd

Published

2013-03-29 16:09

Modified

2025-04-11 00:51

Severity ?

Summary

References

	URL	Tags
	vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN01167429/995309/index.html
	vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN01167429/index.html
	vultures@jpcert.or.jp	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025
	vultures@jpcert.or.jp	https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt
	af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN01167429/995309/index.html
	af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN01167429/index.html
	af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025
	af854a3a-2127-422b-91ae-364da2661108	https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt

Impacted products

Vendor	Product	Version
omron	openwnn	*
omron	openwnn	1.0
omron	openwnn	1.1
omron	openwnn	1.2
omron	openwnn	1.3
omron	openwnn	1.3.1
omron	openwnn	1.3.2
omron	openwnn	1.3.3
omron	openwnn	1.3.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:omron:openwnn:*:-:*:*:*:android:*:*",
              "matchCriteriaId": "28537A22-D50C-4BBE-9DA8-435D7091B320",
              "versionEndIncluding": "1.3.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:openwnn:1.0:-:*:*:*:android:*:*",
              "matchCriteriaId": "9BCF74B3-327F-4AF3-A271-FFFDE74E2D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:openwnn:1.1:-:*:*:*:android:*:*",
              "matchCriteriaId": "3FD4E52B-E814-4B19-997F-54CEB06563AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:openwnn:1.2:-:*:*:*:android:*:*",
              "matchCriteriaId": "03A1B1F1-6FE2-4302-85D1-D18C4AB0F5A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:openwnn:1.3:-:*:*:*:android:*:*",
              "matchCriteriaId": "DABD5C05-E2E5-469F-BC69-183C9FF730BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:openwnn:1.3.1:-:*:*:*:android:*:*",
              "matchCriteriaId": "6AF96E14-C457-408F-9CFA-285ED054C0DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:openwnn:1.3.2:-:*:*:*:android:*:*",
              "matchCriteriaId": "D941F6C0-8765-42F9-954F-7875A72D8C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:openwnn:1.3.3:-:*:*:*:android:*:*",
              "matchCriteriaId": "7EF178A1-13B7-440C-8C0E-11945433AE8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:omron:openwnn:1.3.4:-:*:*:*:android:*:*",
              "matchCriteriaId": "78DA20B5-6DE1-4F44-B70D-1E00E74962B6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem."
    },
    {
      "lang": "es",
      "value": "La aplicaci\u00f3n OMRON OpenWnn anterior a v1.3.6 para Android usa permisos d\u00e9biles para archivos sin especificar, lo que permite a atacantes remotos obtener informaci\u00f3n a trav\u00e9s de una aplicaci\u00f3n que accede al sistema de archivos local."
    }
  ],
  "id": "CVE-2013-2301",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-03-29T16:09:05.990",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvn.jp/en/jp/JVN01167429/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN01167429/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2013-2301 (GCVE-0-2013-2301)

Vulnerability from cvelistv5

gsd-2013-2301

Vulnerability from gsd

ghsa-vvpg-cfgg-r45q

Vulnerability from github

var-201303-0180

Vulnerability from variot

CVE-2013-2301

Vulnerability from jvndb

fkie_cve-2013-2301

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature