FKIE_CVE-2014-1977
Vulnerability from fkie_nvd - Published: 2014-03-19 14:17 - Updated: 2025-04-12 10:46
Severity ?
Summary
The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail messages, which allows attackers to obtain sensitive information via a crafted application.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:*:*:*:*:*:android:*:*",
"matchCriteriaId": "54A62BDA-611F-4C30-B31C-3A22EBADC915",
"versionEndIncluding": "6300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2546:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D674F3-B9B0-4E04-882A-1A99E8D64BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2631:*:*:*:*:*:*:*",
"matchCriteriaId": "05A86980-2D42-4CDB-95F4-35ED3F1EAE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3000:*:*:*:*:*:*:*",
"matchCriteriaId": "607E5791-C8A5-43FC-9C95-6F1403A1C45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3100:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AC61F7-11EE-4867-9817-3DAA3BC6C1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3200:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3544EA-464C-42F6-AF72-ACB58668284A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED607719-C78B-4716-A531-20E292BCB496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3400:*:*:*:*:*:*:*",
"matchCriteriaId": "B640DDD3-50EC-4E8B-87A7-5E49837C663C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4000:*:*:*:*:*:*:*",
"matchCriteriaId": "34AD600E-05D6-4AEE-9DC8-5DCBD0172262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4200:*:*:*:*:*:*:*",
"matchCriteriaId": "FA995ABD-6B2B-4808-9546-9553940A2A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4300:*:*:*:*:*:*:*",
"matchCriteriaId": "1593F4B2-3B53-490E-8E15-84FC0514D4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4400:*:*:*:*:*:*:*",
"matchCriteriaId": "AE566215-3A8D-4311-99D1-B6E07CE46479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4500:*:*:*:*:*:*:*",
"matchCriteriaId": "0256B6C8-E7D2-48A1-B4A8-82437D20B813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4600:*:*:*:*:*:*:*",
"matchCriteriaId": "76B81BE2-B462-48BD-8641-0E36639073F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4700:*:*:*:*:*:*:*",
"matchCriteriaId": "CC452E75-380E-41C8-9081-08DCD806EA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4800:*:*:*:*:*:*:*",
"matchCriteriaId": "EC44F338-BF16-402B-AB03-7FABE1457DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4900:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E8AC52-F7B1-4FDE-B146-1C4DACD0AB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5000:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC15FCC-22F4-4BD5-8F8F-7BA73BB24531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5100:*:*:*:*:*:*:*",
"matchCriteriaId": "8967289A-8DEE-4456-A089-B3239D88C3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5200:*:*:*:*:*:*:*",
"matchCriteriaId": "EA37E3D6-87C3-4CB2-A16F-18AB9CA9A31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5300:*:*:*:*:*:*:*",
"matchCriteriaId": "42AFE304-60F2-413C-8953-A7B16DB52C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5400:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9A41DC-F103-4B41-87D2-2BA41B1EBEDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5500:*:*:*:*:*:*:*",
"matchCriteriaId": "DA76F398-B411-412B-9746-D15E08E73C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5550:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F93A3-B514-4426-9DD1-8D34AB8D4F8A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A39C31E3-75C0-4E92-A6B5-7D67B22E3449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB318EA4-2908-4B91-8DBB-20008FDF528A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4E46A9-B652-47CE-92E8-01021E57724B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9B53C6-AE84-4A45-B83E-8E5CE44F7B93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36DD8E3F-6308-4680-B932-4CBD8E58A7FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:*:*:*:*:*:android:*:*",
"matchCriteriaId": "44C3C6B2-F151-49F9-8AEE-3B7AA0D142D3",
"versionEndIncluding": "6700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2546:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D674F3-B9B0-4E04-882A-1A99E8D64BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:2631:*:*:*:*:*:*:*",
"matchCriteriaId": "05A86980-2D42-4CDB-95F4-35ED3F1EAE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3000:*:*:*:*:*:*:*",
"matchCriteriaId": "607E5791-C8A5-43FC-9C95-6F1403A1C45A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3100:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AC61F7-11EE-4867-9817-3DAA3BC6C1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3200:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3544EA-464C-42F6-AF72-ACB58668284A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED607719-C78B-4716-A531-20E292BCB496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:3400:*:*:*:*:*:*:*",
"matchCriteriaId": "B640DDD3-50EC-4E8B-87A7-5E49837C663C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4000:*:*:*:*:*:*:*",
"matchCriteriaId": "34AD600E-05D6-4AEE-9DC8-5DCBD0172262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4200:*:*:*:*:*:*:*",
"matchCriteriaId": "FA995ABD-6B2B-4808-9546-9553940A2A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4300:*:*:*:*:*:*:*",
"matchCriteriaId": "1593F4B2-3B53-490E-8E15-84FC0514D4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4400:*:*:*:*:*:*:*",
"matchCriteriaId": "AE566215-3A8D-4311-99D1-B6E07CE46479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4500:*:*:*:*:*:*:*",
"matchCriteriaId": "0256B6C8-E7D2-48A1-B4A8-82437D20B813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4600:*:*:*:*:*:*:*",
"matchCriteriaId": "76B81BE2-B462-48BD-8641-0E36639073F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4700:*:*:*:*:*:*:*",
"matchCriteriaId": "CC452E75-380E-41C8-9081-08DCD806EA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4800:*:*:*:*:*:*:*",
"matchCriteriaId": "EC44F338-BF16-402B-AB03-7FABE1457DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:4900:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E8AC52-F7B1-4FDE-B146-1C4DACD0AB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5000:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC15FCC-22F4-4BD5-8F8F-7BA73BB24531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5100:*:*:*:*:*:*:*",
"matchCriteriaId": "8967289A-8DEE-4456-A089-B3239D88C3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5200:*:*:*:*:*:*:*",
"matchCriteriaId": "EA37E3D6-87C3-4CB2-A16F-18AB9CA9A31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5300:*:*:*:*:*:*:*",
"matchCriteriaId": "42AFE304-60F2-413C-8953-A7B16DB52C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5400:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9A41DC-F103-4B41-87D2-2BA41B1EBEDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5500:*:*:*:*:*:*:*",
"matchCriteriaId": "DA76F398-B411-412B-9746-D15E08E73C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nttdocomo:spmode_mail_android:5550:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1F93A3-B514-4426-9DD1-8D34AB8D4F8A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA9F0F7-D592-481E-884C-B1A94E702825",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CD857E7-B878-49F9-BDDA-93DDEBB0B42B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FBDABB6C-FFF9-4E79-9EF1-BDC0BBDEA9F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A47AB858-36DE-4330-8CAC-1B46C5C8DA80",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49413FF7-7910-4F74-B106-C3170612CB2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8882E50-7C49-4A99-91F2-DF979CF8BB2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "98C32982-095C-4628-9958-118A3D3A9CAA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail messages, which allows attackers to obtain sensitive information via a crafted application."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n de correo NTT DOCOMO sp mode 6300 y anteriores para Android 4.0.x y 6700 y anteriores para Android 4.1 hasta 4.4 utiliza permisos d\u00e9biles para adjuntos durante el procesamiento de mensajes email entrantes, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una aplicaci\u00f3n manipulada."
}
],
"id": "CVE-2014-1977",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-19T14:17:45.070",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN81739241/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN81739241/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000027"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…