Vulnerability Description
The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Omron | Openwnn | <= 1.3.5 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN01167429/995309/index.html
- http://jvn.jp/en/jp/JVN01167429/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025
- https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa
- http://jvn.jp/en/jp/JVN01167429/995309/index.html
- http://jvn.jp/en/jp/JVN01167429/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000025
- https://android.googlesource.com/platform/packages/inputmethods/OpenWnn/+/59aefa
FAQ
What is CVE-2013-2301?
CVE-2013-2301 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local fi...
How severe is CVE-2013-2301?
CVE-2013-2301 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-2301?
Check the references section above for vendor advisories and patch information. Affected products include: Omron Openwnn.