Search criteria
4 vulnerabilities found for openwnn by omron
VAR-201303-0180
Vulnerability from variot - Updated: 2023-12-18 12:09The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. OpenWnn for Android contains an issue in the access permissions for certain files. OpenWnn provided by OMRON SOFTWARE Co., Ltd. is a Japanese Input Method Editor (IME). OpenWnn for Android contains an issue in the access permissions for certain files. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. OpenWnn for Android is prone to an information-disclosure vulnerability. Successful exploits allow an attacker to gain access to sensitive information. Information obtained may aid in further attacks. OpenWnn for Android 1.3.5 and prior are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0180",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openwnn",
"scope": "eq",
"trust": 1.6,
"vendor": "omron",
"version": "1.3.3"
},
{
"model": "openwnn",
"scope": "eq",
"trust": 1.6,
"vendor": "omron",
"version": "1.2"
},
{
"model": "openwnn",
"scope": "eq",
"trust": 1.6,
"vendor": "omron",
"version": "1.3.4"
},
{
"model": "openwnn",
"scope": "eq",
"trust": 1.6,
"vendor": "omron",
"version": "1.1"
},
{
"model": "openwnn",
"scope": "eq",
"trust": 1.6,
"vendor": "omron",
"version": "1.3.2"
},
{
"model": "openwnn",
"scope": "eq",
"trust": 1.6,
"vendor": "omron",
"version": "1.3"
},
{
"model": "openwnn",
"scope": "eq",
"trust": 1.6,
"vendor": "omron",
"version": "1.3.1"
},
{
"model": "openwnn",
"scope": "eq",
"trust": 1.6,
"vendor": "omron",
"version": "1.0"
},
{
"model": "openwnn",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.3.5"
},
{
"model": "openwnn for android",
"scope": "lte",
"trust": 0.8,
"vendor": "omron",
"version": "1.3.5"
},
{
"model": "android omron openwnn",
"scope": "lte",
"trust": 0.6,
"vendor": "omron",
"version": "\u003c=1.3.6"
},
{
"model": "openwnn",
"scope": "eq",
"trust": 0.6,
"vendor": "omron",
"version": "1.3.5"
},
{
"model": "software openwnn for android",
"scope": "eq",
"trust": 0.3,
"vendor": "omron",
"version": "1.3.5"
},
{
"model": "software openwnn for android",
"scope": "ne",
"trust": 0.3,
"vendor": "omron",
"version": "1.3.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "1.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "1.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "1.3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "1.3.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "1.3.3"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "1.3.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "openwnn",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"db": "BID",
"id": "58784"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"db": "NVD",
"id": "CVE-2013-2301"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:1.2:-:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:1.1:-:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:1.0:-:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:*:-:*:*:*:android:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3.4:-:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3.2:-:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3:-:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3.3:-:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:omron:openwnn:1.3.1:-:*:*:*:android:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2301"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gaku Mochizuki of Mitsui Bussan Secure Directions",
"sources": [
{
"db": "BID",
"id": "58784"
}
],
"trust": 0.3
},
"cve": "CVE-2013-2301",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 2.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2013-000025",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CNVD-2013-02534",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "05162674-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-62303",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-2301",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2013-000025",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2013-02534",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201303-599",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-62303",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"db": "VULHUB",
"id": "VHN-62303"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"db": "NVD",
"id": "CVE-2013-2301"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. OpenWnn for Android contains an issue in the access permissions for certain files. OpenWnn provided by OMRON SOFTWARE Co., Ltd. is a Japanese Input Method Editor (IME). OpenWnn for Android contains an issue in the access permissions for certain files. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. OpenWnn for Android is prone to an information-disclosure vulnerability. \nSuccessful exploits allow an attacker to gain access to sensitive information. Information obtained may aid in further attacks. \nOpenWnn for Android 1.3.5 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2301"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"db": "BID",
"id": "58784"
},
{
"db": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-62303"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2301",
"trust": 3.6
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVN01167429",
"trust": 2.8
},
{
"db": "CNNVD",
"id": "CNNVD-201303-599",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-02534",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVN#01167429",
"trust": 0.6
},
{
"db": "BID",
"id": "58784",
"trust": 0.4
},
{
"db": "IVD",
"id": "05162674-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-62303",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"db": "VULHUB",
"id": "VHN-62303"
},
{
"db": "BID",
"id": "58784"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"db": "NVD",
"id": "CVE-2013-2301"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
]
},
"id": "VAR-201303-0180",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"db": "VULHUB",
"id": "VHN-62303"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02534"
}
]
},
"last_update_date": "2023-12-18T12:09:26.699000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OMRON SOFTWARE Co., Ltd. website",
"trust": 0.8,
"url": "https://android.googlesource.com/platform/packages/inputmethods/openwnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/changelog.txt"
},
{
"title": "Android OMRON OpenWnn file permission setting vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33099"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62303"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"db": "NVD",
"id": "CVE-2013-2301"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://jvn.jp/en/jp/jvn01167429/index.html"
},
{
"trust": 2.0,
"url": "https://android.googlesource.com/platform/packages/inputmethods/openwnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/changelog.txt"
},
{
"trust": 1.7,
"url": "http://jvn.jp/en/jp/jvn01167429/995309/index.html"
},
{
"trust": 1.7,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2013-000025"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2301"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2301"
},
{
"trust": 0.6,
"url": "http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000025.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"db": "VULHUB",
"id": "VHN-62303"
},
{
"db": "BID",
"id": "58784"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"db": "NVD",
"id": "CVE-2013-2301"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"db": "VULHUB",
"id": "VHN-62303"
},
{
"db": "BID",
"id": "58784"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"db": "NVD",
"id": "CVE-2013-2301"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-02T00:00:00",
"db": "IVD",
"id": "05162674-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-04-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"date": "2013-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-62303"
},
{
"date": "2013-03-29T00:00:00",
"db": "BID",
"id": "58784"
},
{
"date": "2013-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"date": "2013-03-29T16:09:05.990000",
"db": "NVD",
"id": "CVE-2013-2301"
},
{
"date": "2013-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02534"
},
{
"date": "2013-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-62303"
},
{
"date": "2013-03-29T00:00:00",
"db": "BID",
"id": "58784"
},
{
"date": "2013-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-000025"
},
{
"date": "2013-03-29T16:09:05.990000",
"db": "NVD",
"id": "CVE-2013-2301"
},
{
"date": "2013-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenWnn for Android vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-000025"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-599"
}
],
"trust": 0.6
}
}
FKIE_CVE-2013-2301
Vulnerability from fkie_nvd - Published: 2013-03-29 16:09 - Updated: 2025-04-11 00:51
Severity ?
Summary
The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:omron:openwnn:*:-:*:*:*:android:*:*",
"matchCriteriaId": "28537A22-D50C-4BBE-9DA8-435D7091B320",
"versionEndIncluding": "1.3.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omron:openwnn:1.0:-:*:*:*:android:*:*",
"matchCriteriaId": "9BCF74B3-327F-4AF3-A271-FFFDE74E2D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omron:openwnn:1.1:-:*:*:*:android:*:*",
"matchCriteriaId": "3FD4E52B-E814-4B19-997F-54CEB06563AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omron:openwnn:1.2:-:*:*:*:android:*:*",
"matchCriteriaId": "03A1B1F1-6FE2-4302-85D1-D18C4AB0F5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omron:openwnn:1.3:-:*:*:*:android:*:*",
"matchCriteriaId": "DABD5C05-E2E5-469F-BC69-183C9FF730BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omron:openwnn:1.3.1:-:*:*:*:android:*:*",
"matchCriteriaId": "6AF96E14-C457-408F-9CFA-285ED054C0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omron:openwnn:1.3.2:-:*:*:*:android:*:*",
"matchCriteriaId": "D941F6C0-8765-42F9-954F-7875A72D8C1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omron:openwnn:1.3.3:-:*:*:*:android:*:*",
"matchCriteriaId": "7EF178A1-13B7-440C-8C0E-11945433AE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:omron:openwnn:1.3.4:-:*:*:*:android:*:*",
"matchCriteriaId": "78DA20B5-6DE1-4F44-B70D-1E00E74962B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n OMRON OpenWnn anterior a v1.3.6 para Android usa permisos d\u00e9biles para archivos sin especificar, lo que permite a atacantes remotos obtener informaci\u00f3n a trav\u00e9s de una aplicaci\u00f3n que accede al sistema de archivos local."
}
],
"id": "CVE-2013-2301",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-29T16:09:05.990",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN01167429/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN01167429/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2013-2301 (GCVE-0-2013-2301)
Vulnerability from cvelistv5 – Published: 2013-03-29 10:00 – Updated: 2024-09-16 23:31
VLAI?
Summary
The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:44.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
},
{
"name": "JVN#01167429",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN01167429/index.html"
},
{
"name": "JVNDB-2013-000025",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-29T10:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
},
{
"name": "JVN#01167429",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN01167429/index.html"
},
{
"name": "JVNDB-2013-000025",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-2301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
},
{
"name": "JVN#01167429",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN01167429/index.html"
},
{
"name": "JVNDB-2013-000025",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
},
{
"name": "http://jvn.jp/en/jp/JVN01167429/995309/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-2301",
"datePublished": "2013-03-29T10:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T23:31:22.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2301 (GCVE-0-2013-2301)
Vulnerability from nvd – Published: 2013-03-29 10:00 – Updated: 2024-09-16 23:31
VLAI?
Summary
The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:44.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
},
{
"name": "JVN#01167429",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN01167429/index.html"
},
{
"name": "JVNDB-2013-000025",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-29T10:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
},
{
"name": "JVN#01167429",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN01167429/index.html"
},
{
"name": "JVNDB-2013-000025",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-2301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa242169b7a51c2381daee58ff22fd1834ce/ChangeLog.txt"
},
{
"name": "JVN#01167429",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN01167429/index.html"
},
{
"name": "JVNDB-2013-000025",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025"
},
{
"name": "http://jvn.jp/en/jp/JVN01167429/995309/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN01167429/995309/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-2301",
"datePublished": "2013-03-29T10:00:00Z",
"dateReserved": "2013-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T23:31:22.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}