CVE-2013-3659
low
CVSS v3
—
CVSS v2
3.3
VIR risk
3.3
Description
The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly connect to Wi-Fi access points, which allows remote attackers to obtain sensitive information by leveraging presence in an 802.11 network's coverage area.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| nttdocomo | overseas_usage | 2.0.0 | |
| nttdocomo | overseas_usage | 2.0.4 | |
References
- http://jvn.jp/en/jp/JVN44035194/995312/index.html
- http://jvn.jp/en/jp/JVN44035194/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000075
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86361
- https://play.google.com/store/apps/details?id=com.nttdocomo.android.gs.utility
- http://jvn.jp/en/jp/JVN44035194/995312/index.html
- http://jvn.jp/en/jp/JVN44035194/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000075
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86361
- https://play.google.com/store/apps/details?id=com.nttdocomo.android.gs.utility
CWEs
CWE-287
Verify integrity in audit chain (admin only). AS-IS.