The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tetsuya_aoyama | twicca | 0.9.13 |
| tetsuya_aoyama | twicca | 0.9.20a |
| tetsuya_aoyama | twicca | 0.9.31 |
| tetsuya_aoyama | twicca | 0.9.17b |
| tetsuya_aoyama | twicca | 0.7.0 |
| tetsuya_aoyama | twicca | 0.9.4g2 |
| tetsuya_aoyama | twicca | 0.9.26 |
| tetsuya_aoyama | twicca | 0.9.4g |
| tetsuya_aoyama | twicca | 0.9.20 |
| tetsuya_aoyama | twicca | 0.9.20b |
| tetsuya_aoyama | twicca | 0.9.13a |
| tetsuya_aoyama | twicca | 0.9.20c |
| tetsuya_aoyama | twicca | 0.9.26c |
| tetsuya_aoyama | twicca | 0.8.8 |
| tetsuya_aoyama | twicca | 0.9.20e |
| tetsuya_aoyama | twicca | 0.9.26c2 |
| tetsuya_aoyama | twicca | 0.9.31a |
| tetsuya_aoyama | twicca | 0.9.16 |
| tetsuya_aoyama | twicca | 0.9.13b-rc2 |
| tetsuya_aoyama | twicca | 0.9.30 |