twicca Unspecified Security Bypass Vulnerability
BID:52442
Info
twicca Unspecified Security Bypass Vulnerability
| Bugtraq ID: | 52442 |
| Class: | Access Validation Error |
| CVE: |
CVE-2012-0326 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 13 2012 12:00AM |
| Updated: | Jan 11 2013 01:10PM |
| Credit: | Kazuhiko Kusano |
| Vulnerable: |
Tetsuya Aoyama twicca 0.9.30 |
| Not Vulnerable: |
Tetsuya Aoyama twicca 0.9.31 |
Discussion
twicca Unspecified Security Bypass Vulnerability
twicca is prone to an unspecified security-bypass vulnerability.
Exploiting this issue could allow an attacker to bypass certain security restrictions and upload media files from the device.
twicca versions prior to 0.9.30 are vulnerable.
twicca is prone to an unspecified security-bypass vulnerability.
Exploiting this issue could allow an attacker to bypass certain security restrictions and upload media files from the device.
twicca versions prior to 0.9.30 are vulnerable.
Exploit / POC
twicca Unspecified Security Bypass Vulnerability
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
twicca Unspecified Security Bypass Vulnerability
Solution:
Vendor updates are available. Please see the references for more information.
Solution:
Vendor updates are available. Please see the references for more information.
References
twicca Unspecified Security Bypass Vulnerability
References:
References:
- JVN#31860555 twicca fails to restrict access permissions (Kazuhiko Kusano)
- JVNDB-2012-000024 twicca fails to restrict access permissions (Kazuhiko Kusano)
- twicca Homepage (Google)