CVE-2014-1978
First published: Wed Mar 19 2014(Updated: )
The application link interface in the NTT DOCOMO sp mode mail application 6100 through 6300 for Android 4.0.x and 6130 through 6700 for Android 4.1 through 4.4 writes message content to the SD card during e-mail composition, which allows attackers to obtain sensitive information via a crafted application.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nttdocomo Spmode Mail | =6100 | |
| Nttdocomo Spmode Mail | =6300 | |
| Android | =4.0 | |
| Android | =4.0.1 | |
| Android | =4.0.2 | |
| Android | =4.0.3 | |
| Android | =4.0.4 | |
| Nttdocomo Spmode Mail | =6130 | |
| Nttdocomo Spmode Mail | =6700 | |
| Android | =4.1 | |
| Android | =4.1.2 | |
| Android | =4.2 | |
| Android | =4.2.1 | |
| Android | =4.2.2 | |
| Android | =4.3 | |
| Android | =4.3.1 | |
| Android | =4.4 | |
| All of | ||
| Any of | ||
| Nttdocomo Spmode Mail | =6100 | |
| Nttdocomo Spmode Mail | =6300 | |
| Any of | ||
| Android | =4.0 | |
| Android | =4.0.1 | |
| Android | =4.0.2 | |
| Android | =4.0.3 | |
| Android | =4.0.4 | |
| All of | ||
| Any of | ||
| Nttdocomo Spmode Mail | =6130 | |
| Nttdocomo Spmode Mail | =6700 | |
| Any of | ||
| Android | =4.1 | |
| Android | =4.1.2 | |
| Android | =4.2 | |
| Android | =4.2.1 | |
| Android | =4.2.2 | |
| Android | =4.3 | |
| Android | =4.3.1 | |
| Android | =4.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-1978?
CVE-2014-1978 has a medium severity rating due to potential exposure of sensitive information.
How do I fix CVE-2014-1978?
To fix CVE-2014-1978, users should update the NTT DOCOMO sp mode mail application to a version that addresses the vulnerability.
Which versions of the NTT DOCOMO sp mode mail application are affected by CVE-2014-1978?
CVE-2014-1978 affects NTT DOCOMO sp mode mail application versions 6100, 6300, 6130, and 6700.
What devices are impacted by CVE-2014-1978?
Devices running NTT DOCOMO sp mode mail application versions 6100 to 6300 on Android 4.0.x and 6130 to 6700 on Android 4.1 to 4.4 are impacted by CVE-2014-1978.
What type of information could be exposed due to CVE-2014-1978?
CVE-2014-1978 could expose sensitive information such as email content stored on the SD card during email composition.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/first-publish-date
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/nttdocomo
- canonical/nttdocomo spmode mail
- version/nttdocomo spmode mail/6100
- version/nttdocomo spmode mail/6300
- vendor/google
- canonical/android
- version/android/4.0
- version/android/4.0.1
- version/android/4.0.2
- version/android/4.0.3
- version/android/4.0.4
- version/nttdocomo spmode mail/6130
- version/nttdocomo spmode mail/6700
- version/android/4.1
- version/android/4.1.2
- version/android/4.2
- version/android/4.2.1
- version/android/4.2.2
- version/android/4.3
- version/android/4.3.1
- version/android/4.4