The twicca application 0.7.0 through 0.9.30 for Android does not properly restrict the use of network privileges, which allows remote attackers to read media files on an SD card via a crafted application.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Twicca | Tetsuya_aoyama | 0.7.0 (including) | 0.7.0 (including) |
| Twicca | Tetsuya_aoyama | 0.8.8 (including) | 0.8.8 (including) |
| Twicca | Tetsuya_aoyama | 0.9.4g-rc2 (including) | 0.9.4g-rc2 (including) |
| Twicca | Tetsuya_aoyama | 0.9.4g2-rc2 (including) | 0.9.4g2-rc2 (including) |
| Twicca | Tetsuya_aoyama | 0.9.13-rc2 (including) | 0.9.13-rc2 (including) |
| Twicca | Tetsuya_aoyama | 0.9.13a-rc2 (including) | 0.9.13a-rc2 (including) |
| Twicca | Tetsuya_aoyama | 0.9.13b-rc2 (including) | 0.9.13b-rc2 (including) |
| Twicca | Tetsuya_aoyama | 0.9.16 (including) | 0.9.16 (including) |
| Twicca | Tetsuya_aoyama | 0.9.17b (including) | 0.9.17b (including) |
| Twicca | Tetsuya_aoyama | 0.9.20 (including) | 0.9.20 (including) |
| Twicca | Tetsuya_aoyama | 0.9.20a (including) | 0.9.20a (including) |
| Twicca | Tetsuya_aoyama | 0.9.20b (including) | 0.9.20b (including) |
| Twicca | Tetsuya_aoyama | 0.9.20c (including) | 0.9.20c (including) |
| Twicca | Tetsuya_aoyama | 0.9.20e (including) | 0.9.20e (including) |
| Twicca | Tetsuya_aoyama | 0.9.26 (including) | 0.9.26 (including) |
| Twicca | Tetsuya_aoyama | 0.9.26c (including) | 0.9.26c (including) |
| Twicca | Tetsuya_aoyama | 0.9.26c2 (including) | 0.9.26c2 (including) |
| Twicca | Tetsuya_aoyama | 0.9.30 (including) | 0.9.30 (including) |
| Twicca | Tetsuya_aoyama | 0.9.31 (including) | 0.9.31 (including) |
| Twicca | Tetsuya_aoyama | 0.9.31a (including) | 0.9.31a (including) |