CVE-2012-1244

Severity

57%

Complexity

86%

Confidentiality

81%

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVSS 2.0 Base Score 5.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N).

Overview

Type

NTT

First reported 12 years ago

2012-04-27 18:55:00

Last updated 7 years ago

2017-12-14 02:29:00

Affected Software

NTTドコモ spモードメール for Android 2546

2546

NTT DOCOMO sp mode mail for Android 2631

2631

NTTドコモ spモードメール for Android 3000

3000

NTTドコモ spモードメール for Android 3100

3100

NTT DOCOMO sp mode mail for Android 3200

3200

NTTドコモ spモードメール for Android 3300

3300

NTTドコモ spモードメール for Android 3400

3400

NTT DOCOMO sp mode mail for Android 4000

4000

NTTドコモ spモードメール for Android 4200

4200

NTT DOCOMO sp mode mail for Android 4300

4300

NTT DOCOMO sp mode mail for Android 4400

4400

NTT DOCOMO sp mode mail for Android 4500

4500

NTT DOCOMO sp mode mail for Android 4600

4600

NTT DOCOMO sp mode mail for Android 4700

4700

NTTドコモ spモードメール for Android 4800

4800

NTT DOCOMO sp mode mail for Android 4900

4900

NTTドコモ spモードメール for Android 5000

5000

NTT DOCOMO sp mode mail for Android 5100

5100

NTTドコモ spモードメール for Android 5200

5200

NTT DOCOMO sp mode mail for Android 5300

5300

References

JVN#82029095

JVNDB-2012-000037

81629

48955

53254

spmode-android-ssl-spoofing(75159)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.