{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-01-10T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-12T15:57:00", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free"}, {"name": "JVN#44392991", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN44392991/index.html"}, {"name": "JVNDB-2014-000003", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000003"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2014-0804", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free", "refsource": "CONFIRM", "url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free"}, {"name": "JVN#44392991", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN44392991/index.html"}, {"name": "JVNDB-2014-000003", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000003"}, {"name": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro", "refsource": "CONFIRM", "url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro"}]}}}}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2014-0804", "datePublished": "2014-01-12T15:00:00", "dateReserved": "2014-01-06T00:00:00", "dateUpdated": "2014-01-12T15:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cgene:security_file_manager:*:-:-:*:pro:android:*:*", "matchCriteriaId": "1C1FB6CA-D30E-43F6-A79A-F460FE24E2BD", "versionEndIncluding": "1.0.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cgene:security_file_manager:*:-:-:*:trial:android:*:*", "matchCriteriaId": "097E8194-655D-4485-90CE-B3BDB5E2B5F5", "versionEndIncluding": "1.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de recorrido de directorios en la aplicaci\u00f3n CGENE Security File Manager Pro 1.0.6 y anteriores para Android, y Security File Manager Trial 1.06 y anteriores, permite a atacantes sobreescribir o crear archivos de forma arbitraria a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-0804", "lastModified": "2014-01-13T20:05:50.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-12T18:34:56.063", "references": [{"source": "vultures@jpcert.or.jp", "url": "http://jvn.jp/en/jp/JVN44392991/index.html"}, {"source": "vultures@jpcert.or.jp", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000003"}, {"source": "vultures@jpcert.or.jp", "url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free"}, {"source": "vultures@jpcert.or.jp", "url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}