CVE-2012-4007

mixi < 4.2.9 - Unauthorized Exposure of Sensitive Information via SD Card Storage

Title source: llm
STIX 2.1

Description

The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comments on an SD card.

References (2)

Core 2
Core References
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000078
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN92038939/index.html

Scores

EPSS 0.0107
EPSS Percentile 60.8%

Details

CWE
CWE-200
Status published
Products (1)
mixi/mixi < 4.2.9
Published Aug 17, 2012
Tracked Since Feb 18, 2026