CVE-2012-4007
mixi < 4.2.9 - Unauthorized Exposure of Sensitive Information via SD Card Storage
Title source: llmDescription
The mixi application before 4.3.0 for Android allows remote attackers to read potentially sensitive information in friends' comments via a crafted application that leverages the storage of these comments on an SD card.
References (2)
Core 2
Core References
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000078
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN92038939/index.html
Scores
EPSS
0.0107
EPSS Percentile
60.8%
Details
CWE
CWE-200
Status
published
Products (1)
mixi/mixi
< 4.2.9
Published
Aug 17, 2012
Tracked Since
Feb 18, 2026