CVSS: 4.3EPSS: 0%CPEs: 61EXPL: 0CVE-2014-1977
https://notcve.org/view.php?id=CVE-2014-1977
The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail messages, which allows attackers to obtain sensitive information via a crafted application. La aplicación de correo NTT DOCOMO sp mode 6300 y anteriores para Android 4.0.x y 6700 y anteriores para Android 4.1 hasta 4.4 utiliza permisos débiles para adjuntos durante el procesamiento de mensajes email entrantes, lo que permite a atacantes remotos obtener información sensible a través de una aplicación manipulada. • http://jvn.jp/en/jp/JVN81739241/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000027 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.8EPSS: 0%CPEs: 21EXPL: 0CVE-2012-1244
https://notcve.org/view.php?id=CVE-2012-1244
The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación de correo para Android NTT DoCoMo sp mode v5400 y anteriores no verifica correctamente los certificados X.509 de servidores SSL, lo que permite falsificar servidores a atacantes man-in-the-middle y obtener información sensible a través de un certificado hecho a mano. • http://jvn.jp/en/jp/JVN82029095/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000037 http://osvdb.org/81629 http://secunia.com/advisories/48955 http://www.securityfocus.com/bid/53254 https://exchange.xforce.ibmcloud.com/vulnerabilities/75159 • CWE-310: Cryptographic Issues •