JVN#89260331
sp mode mail vulnerability where Java methods may be executed
Overview
sp mode mail provided by NTT DOCOMO contains a vulnerability where Java methods may be executed.
Products Affected
- sp mode mail rev.5900 through rev.6300 for Android 4.0.X and earlier
- sp mode mail rev.6000 (initial version) through rev.6620 for Android 4.1 and later
Description
sp mode mail provided by NTT DOCOMO contains an issue in the processing Deco-mail emoticon POP, which may lead to the execution of arbitrary Java methods that can be executed with the privileges of sp mode mail.
Impact
When a specially crafted email is opened, an arbitrary Java method that can be executed with the privileges of sp mode mail may be executed.
Solution
Update the software
Update to the latest version according to the information provided by developer.
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2014.03.18
| Measures | Conditions | Severity |
|---|---|---|
| Access Required | can be attacked over the Internet using packets |
|
| Authentication | anonymous or no authentication (IP addresses do not count) |
|
| User Interaction Required | the vulnerability can be exploited without an honest user taking any action |
|
| Exploit Complexity | some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls) |
|
Description of each analysis measures
Comment
This analysis assumes that a user receives and opens a specially crafted email.
Credit
Hironori Tokuta reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2014-1979 |
| JVN iPedia |
JVNDB-2014-000029 |