CVE-2014-1977
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
19/03/2014
Last modified:
12/04/2025
Description
The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail messages, which allows attackers to obtain sensitive information via a crafted application.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:nttdocomo:spmode_mail_android:*:*:*:*:*:android:*:* | 6300 (including) | |
| cpe:2.3:a:nttdocomo:spmode_mail_android:2546:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:2631:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:3000:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:3100:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:3200:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:3300:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:3400:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:4000:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:4200:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:4300:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:4400:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:4500:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:4600:*:*:*:*:*:*:* | ||
| cpe:2.3:a:nttdocomo:spmode_mail_android:4700:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page