Search criteria
3 vulnerabilities found for twicca by tetsuya_aoyama
FKIE_CVE-2012-0326
Vulnerability from fkie_nvd - Published: 2012-03-17 10:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tetsuya_aoyama | twicca | 0.7.0 | |
| tetsuya_aoyama | twicca | 0.8.8 | |
| tetsuya_aoyama | twicca | 0.9.4g | |
| tetsuya_aoyama | twicca | 0.9.4g2 | |
| tetsuya_aoyama | twicca | 0.9.13 | |
| tetsuya_aoyama | twicca | 0.9.13a | |
| tetsuya_aoyama | twicca | 0.9.13b-rc2 | |
| tetsuya_aoyama | twicca | 0.9.16 | |
| tetsuya_aoyama | twicca | 0.9.17b | |
| tetsuya_aoyama | twicca | 0.9.20 | |
| tetsuya_aoyama | twicca | 0.9.20a | |
| tetsuya_aoyama | twicca | 0.9.20b | |
| tetsuya_aoyama | twicca | 0.9.20c | |
| tetsuya_aoyama | twicca | 0.9.20e | |
| tetsuya_aoyama | twicca | 0.9.26 | |
| tetsuya_aoyama | twicca | 0.9.26c | |
| tetsuya_aoyama | twicca | 0.9.26c2 | |
| tetsuya_aoyama | twicca | 0.9.30 | |
| tetsuya_aoyama | twicca | 0.9.31 | |
| tetsuya_aoyama | twicca | 0.9.31a | |
| android | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88F37994-AE64-42F2-B19F-DE81A5AD9B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BAB554DC-480B-4300-889C-FBB3D5CC91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g:rc2:*:*:*:*:*:*",
"matchCriteriaId": "45D1523B-2707-4C6F-A798-913765F9BEB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.4g2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "30DC3D53-6C21-4F73-9F64-0924A543DB26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BDE5CAA0-C481-4E03-AB5C-D3C1C3F1B9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13a:rc2:*:*:*:*:*:*",
"matchCriteriaId": "ED34391F-1410-4A80-9968-651365B914BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.13b-rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "A65F2485-0D35-4A3F-8CCC-31AED7DB21B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.16:*:*:*:*:*:*:*",
"matchCriteriaId": "F2419DA1-50B9-47B4-B6DE-B31DA2A96FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.17b:*:*:*:*:*:*:*",
"matchCriteriaId": "C63ABD69-5A71-455C-B6CC-04765DA206DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20:*:*:*:*:*:*:*",
"matchCriteriaId": "5997AC82-BA35-4E42-A7DE-757FAD330CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20a:*:*:*:*:*:*:*",
"matchCriteriaId": "1C321B08-AD94-4703-ADD0-ECFC13DAB3F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20b:*:*:*:*:*:*:*",
"matchCriteriaId": "C129F6E9-54C3-44CA-AFB9-65809C0A915F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20c:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9A64ED-D608-4BBA-80B0-286F206D53E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.20e:*:*:*:*:*:*:*",
"matchCriteriaId": "F22A8ACE-8650-4CFB-8843-E4BF697C5418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.26:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE1A05D-3FFE-4D11-8EB4-8B1DB0218DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.26c:*:*:*:*:*:*:*",
"matchCriteriaId": "93C49F29-39EB-4967-9D87-4952D5988F93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.26c2:*:*:*:*:*:*:*",
"matchCriteriaId": "1655A49D-E73E-4402-8D18-3EF37728EE0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.30:*:*:*:*:*:*:*",
"matchCriteriaId": "FE5D74E8-2022-4481-A95C-1BFC1F7BC5B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.31:*:*:*:*:*:*:*",
"matchCriteriaId": "87F430D8-66E1-4451-9591-A492D80A9BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetsuya_aoyama:twicca:0.9.31a:*:*:*:*:*:*:*",
"matchCriteriaId": "672943A8-C7D5-4118-838F-CD61925D6B09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n twicca v0.7.0 hasta v0.9.30 para Android no restringe correctamente el uso de los privilegios de red, permitiendo que atacantes remotos lean ficheros en la tarjeta SD mediante una aplicaci\u00f3n manipulada."
}
],
"id": "CVE-2012-0326",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-17T10:55:01.327",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN31860555/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://osvdb.org/80106"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch"
],
"url": "http://twicca.r246.jp/notice/"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/52442"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73951"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://play.google.com/store/apps/details?id=jp.r246.twicca"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN31860555/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://twicca.r246.jp/notice/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://play.google.com/store/apps/details?id=jp.r246.twicca"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-0326 (GCVE-0-2012-0326)
Vulnerability from cvelistv5 – Published: 2012-03-17 10:00 – Updated: 2024-08-06 18:23
VLAI?
Summary
The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "twicca-android-sec-bypass(73951)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://play.google.com/store/apps/details?id=jp.r246.twicca"
},
{
"name": "JVNDB-2012-000024",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://twicca.r246.jp/notice/"
},
{
"name": "52442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52442"
},
{
"name": "80106",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80106"
},
{
"name": "JVN#31860555",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN31860555/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-10T20:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "twicca-android-sec-bypass(73951)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://play.google.com/store/apps/details?id=jp.r246.twicca"
},
{
"name": "JVNDB-2012-000024",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://twicca.r246.jp/notice/"
},
{
"name": "52442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52442"
},
{
"name": "80106",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80106"
},
{
"name": "JVN#31860555",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN31860555/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-0326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "twicca-android-sec-bypass(73951)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73951"
},
{
"name": "https://play.google.com/store/apps/details?id=jp.r246.twicca",
"refsource": "CONFIRM",
"url": "https://play.google.com/store/apps/details?id=jp.r246.twicca"
},
{
"name": "JVNDB-2012-000024",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024"
},
{
"name": "http://twicca.r246.jp/notice/",
"refsource": "CONFIRM",
"url": "http://twicca.r246.jp/notice/"
},
{
"name": "52442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52442"
},
{
"name": "80106",
"refsource": "OSVDB",
"url": "http://osvdb.org/80106"
},
{
"name": "JVN#31860555",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN31860555/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2012-0326",
"datePublished": "2012-03-17T10:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:30.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0326 (GCVE-0-2012-0326)
Vulnerability from nvd – Published: 2012-03-17 10:00 – Updated: 2024-08-06 18:23
VLAI?
Summary
The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "twicca-android-sec-bypass(73951)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://play.google.com/store/apps/details?id=jp.r246.twicca"
},
{
"name": "JVNDB-2012-000024",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://twicca.r246.jp/notice/"
},
{
"name": "52442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52442"
},
{
"name": "80106",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80106"
},
{
"name": "JVN#31860555",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN31860555/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-10T20:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "twicca-android-sec-bypass(73951)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://play.google.com/store/apps/details?id=jp.r246.twicca"
},
{
"name": "JVNDB-2012-000024",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://twicca.r246.jp/notice/"
},
{
"name": "52442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52442"
},
{
"name": "80106",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80106"
},
{
"name": "JVN#31860555",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN31860555/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-0326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "twicca-android-sec-bypass(73951)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73951"
},
{
"name": "https://play.google.com/store/apps/details?id=jp.r246.twicca",
"refsource": "CONFIRM",
"url": "https://play.google.com/store/apps/details?id=jp.r246.twicca"
},
{
"name": "JVNDB-2012-000024",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000024"
},
{
"name": "http://twicca.r246.jp/notice/",
"refsource": "CONFIRM",
"url": "http://twicca.r246.jp/notice/"
},
{
"name": "52442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52442"
},
{
"name": "80106",
"refsource": "OSVDB",
"url": "http://osvdb.org/80106"
},
{
"name": "JVN#31860555",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN31860555/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2012-0326",
"datePublished": "2012-03-17T10:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:30.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}