Published:2014/03/18  Last Updated:2014/03/18

sp mode mail vulnerability where Java methods may be executed


sp mode mail provided by NTT DOCOMO contains a vulnerability where Java methods may be executed.

Products Affected

  • sp mode mail rev.5900 through rev.6300 for Android 4.0.X and earlier
  • sp mode mail rev.6000 (initial version) through rev.6620 for Android 4.1 and later


sp mode mail provided by NTT DOCOMO contains an issue in the processing Deco-mail emoticon POP, which may lead to the execution of arbitrary Java methods that can be executed with the privileges of sp mode mail.


When a specially crafted email is opened, an arbitrary Java method that can be executed with the privileges of sp mode mail may be executed.


Update the software
Update to the latest version according to the information provided by developer.

Vendor Status

Vendor Status Last Update Vendor Notes
NTT DOCOMO, INC. Vulnerable 2014/03/18


JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2014.03.18

Measures Conditions Severity
Access Required can be attacked over the Internet using packets
  • High
Authentication anonymous or no authentication (IP addresses do not count)
  • High
User Interaction Required the vulnerability can be exploited without an honest user taking any action
  • High
Exploit Complexity some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls)
  • Mid-High

Description of each analysis measures


This analysis assumes that a user receives and opens a specially crafted email.


Hironori Tokuta reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Reports
CERT Advisory
CPNI Advisory
CVE CVE-2014-1979
JVN iPedia JVNDB-2014-000029