fkie_cve-2014-1977
Vulnerability from fkie_nvd
Published
2014-03-19 14:17
Modified
2025-04-12 10:46
Severity ?
Summary
The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail messages, which allows attackers to obtain sensitive information via a crafted application.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:*:*:*:*:*:android:*:*",
"matchCriteriaId": "54A62BDA-611F-4C30-B31C-3A22EBADC915",
"versionEndIncluding": "6300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2546:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D674F3-B9B0-4E04-882A-1A99E8D64BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2631:*:*:*:*:*:*:*",
"matchCriteriaId": "05A86980-2D42-4CDB-95F4-35ED3F1EAE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3000:*:*:*:*:*:*:*",
"matchCriteriaId": "607E5791-C8A5-43FC-9C95-6F1403A1C45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3100:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AC61F7-11EE-4867-9817-3DAA3BC6C1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3200:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3544EA-464C-42F6-AF72-ACB58668284A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED607719-C78B-4716-A531-20E292BCB496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3400:*:*:*:*:*:*:*",
"matchCriteriaId": "B640DDD3-50EC-4E8B-87A7-5E49837C663C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4000:*:*:*:*:*:*:*",
"matchCriteriaId": "34AD600E-05D6-4AEE-9DC8-5DCBD0172262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4200:*:*:*:*:*:*:*",
"matchCriteriaId": "FA995ABD-6B2B-4808-9546-9553940A2A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4300:*:*:*:*:*:*:*",
"matchCriteriaId": "1593F4B2-3B53-490E-8E15-84FC0514D4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4400:*:*:*:*:*:*:*",
"matchCriteriaId": "AE566215-3A8D-4311-99D1-B6E07CE46479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4500:*:*:*:*:*:*:*",
"matchCriteriaId": "0256B6C8-E7D2-48A1-B4A8-82437D20B813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4600:*:*:*:*:*:*:*",
"matchCriteriaId": "76B81BE2-B462-48BD-8641-0E36639073F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4700:*:*:*:*:*:*:*",
"matchCriteriaId": "CC452E75-380E-41C8-9081-08DCD806EA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4800:*:*:*:*:*:*:*",
"matchCriteriaId": "EC44F338-BF16-402B-AB03-7FABE1457DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4900:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E8AC52-F7B1-4FDE-B146-1C4DACD0AB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5000:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC15FCC-22F4-4BD5-8F8F-7BA73BB24531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5100:*:*:*:*:*:*:*",
"matchCriteriaId": "8967289A-8DEE-4456-A089-B3239D88C3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5200:*:*:*:*:*:*:*",
"matchCriteriaId": "EA37E3D6-87C3-4CB2-A16F-18AB9CA9A31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5300:*:*:*:*:*:*:*",
"matchCriteriaId": "42AFE304-60F2-413C-8953-A7B16DB52C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5400:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9A41DC-F103-4B41-87D2-2BA41B1EBEDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5500:*:*:*:*:*:*:*",
"matchCriteriaId": "DA76F398-B411-412B-9746-D15E08E73C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5550:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F93A3-B514-4426-9DD1-8D34AB8D4F8A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C31E3-75C0-4E92-A6B5-7D67B22E3449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB318EA4-2908-4B91-8DBB-20008FDF528A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4E46A9-B652-47CE-92E8-01021E57724B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36DD8E3F-6308-4680-B932-4CBD8E58A7FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:*:*:*:*:*:android:*:*",
"matchCriteriaId": "44C3C6B2-F151-49F9-8AEE-3B7AA0D142D3",
"versionEndIncluding": "6700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2546:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D674F3-B9B0-4E04-882A-1A99E8D64BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2631:*:*:*:*:*:*:*",
"matchCriteriaId": "05A86980-2D42-4CDB-95F4-35ED3F1EAE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3000:*:*:*:*:*:*:*",
"matchCriteriaId": "607E5791-C8A5-43FC-9C95-6F1403A1C45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3100:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AC61F7-11EE-4867-9817-3DAA3BC6C1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3200:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3544EA-464C-42F6-AF72-ACB58668284A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED607719-C78B-4716-A531-20E292BCB496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3400:*:*:*:*:*:*:*",
"matchCriteriaId": "B640DDD3-50EC-4E8B-87A7-5E49837C663C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4000:*:*:*:*:*:*:*",
"matchCriteriaId": "34AD600E-05D6-4AEE-9DC8-5DCBD0172262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4200:*:*:*:*:*:*:*",
"matchCriteriaId": "FA995ABD-6B2B-4808-9546-9553940A2A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4300:*:*:*:*:*:*:*",
"matchCriteriaId": "1593F4B2-3B53-490E-8E15-84FC0514D4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4400:*:*:*:*:*:*:*",
"matchCriteriaId": "AE566215-3A8D-4311-99D1-B6E07CE46479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4500:*:*:*:*:*:*:*",
"matchCriteriaId": "0256B6C8-E7D2-48A1-B4A8-82437D20B813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4600:*:*:*:*:*:*:*",
"matchCriteriaId": "76B81BE2-B462-48BD-8641-0E36639073F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4700:*:*:*:*:*:*:*",
"matchCriteriaId": "CC452E75-380E-41C8-9081-08DCD806EA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4800:*:*:*:*:*:*:*",
"matchCriteriaId": "EC44F338-BF16-402B-AB03-7FABE1457DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4900:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E8AC52-F7B1-4FDE-B146-1C4DACD0AB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5000:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC15FCC-22F4-4BD5-8F8F-7BA73BB24531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5100:*:*:*:*:*:*:*",
"matchCriteriaId": "8967289A-8DEE-4456-A089-B3239D88C3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5200:*:*:*:*:*:*:*",
"matchCriteriaId": "EA37E3D6-87C3-4CB2-A16F-18AB9CA9A31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5300:*:*:*:*:*:*:*",
"matchCriteriaId": "42AFE304-60F2-413C-8953-A7B16DB52C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5400:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9A41DC-F103-4B41-87D2-2BA41B1EBEDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5500:*:*:*:*:*:*:*",
"matchCriteriaId": "DA76F398-B411-412B-9746-D15E08E73C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5550:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F93A3-B514-4426-9DD1-8D34AB8D4F8A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA9F0F7-D592-481E-884C-B1A94E702825",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CD857E7-B878-49F9-BDDA-93DDEBB0B42B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A47AB858-36DE-4330-8CAC-1B46C5C8DA80",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49413FF7-7910-4F74-B106-C3170612CB2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8882E50-7C49-4A99-91F2-DF979CF8BB2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "98C32982-095C-4628-9958-118A3D3A9CAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail messages, which allows attackers to obtain sensitive information via a crafted application."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n de correo NTT DOCOMO sp mode 6300 y anteriores para Android 4.0.x y 6700 y anteriores para Android 4.1 hasta 4.4 utiliza permisos d\u00e9biles para adjuntos durante el procesamiento de mensajes email entrantes, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una aplicaci\u00f3n manipulada."
}
],
"id": "CVE-2014-1977",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-19T14:17:45.070",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN81739241/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN81739241/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000027"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…