Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1244

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-1244
Last Modified 05 Mar 2014 02:15:32
Published 27 Apr 2012 02:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1244

Summary

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vulnerable Systems

Application

  • Nttdocomo Spmode Mail Android 2546

  • Nttdocomo Spmode Mail Android 2631

  • Nttdocomo Spmode Mail Android 3000

  • Nttdocomo Spmode Mail Android 3100

  • Nttdocomo Spmode Mail Android 3200

  • Nttdocomo Spmode Mail Android 3300

  • Nttdocomo Spmode Mail Android 3400

  • Nttdocomo Spmode Mail Android 4000

  • Nttdocomo Spmode Mail Android 4200

  • Nttdocomo Spmode Mail Android 4300

  • Nttdocomo Spmode Mail Android 4400

  • Nttdocomo Spmode Mail Android 4500

  • Nttdocomo Spmode Mail Android 4600

  • Nttdocomo Spmode Mail Android 4700

  • Nttdocomo Spmode Mail Android 4800

  • Nttdocomo Spmode Mail Android 4900

  • Nttdocomo Spmode Mail Android 5000

  • Nttdocomo Spmode Mail Android 5100

  • Nttdocomo Spmode Mail Android 5200

  • Nttdocomo Spmode Mail Android 5300

  • Nttdocomo Spmode Mail Android 5400


References

JVNDB - JVNDB-2012-000037

JVN - JVN#82029095


Last Updated: 27 May 2016 10:49:35