CVE-2014-0804

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro", "name": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.pro", "tags": [], "refsource": "CONFIRM"}, {"url": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free", "name": "https://play.google.com/store/apps/details?id=com.cgene.android.secret.filelock.free", "tags": [], "refsource": "CONFIRM"}, {"url": "http://jvn.jp/en/jp/JVN44392991/index.html", "name": "JVN#44392991", "tags": [], "refsource": "JVN"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000003", "name": "JVNDB-2014-000003", "tags": [], "refsource": "JVNDB"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Directory traversal vulnerability in the CGENE Security File Manager Pro application 1.0.6 and earlier, and Security File Manager Trial application 1.0.6 and earlier, for Android allows attackers to overwrite or create arbitrary files via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-22"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-0804", "ASSIGNER": "vultures@jpcert.or.jp"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-01-12T18:34Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cgene:security_file_manager:*:-:-:*:trial:android:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.0.6"}, {"cpe23Uri": "cpe:2.3:a:cgene:security_file_manager:*:-:-:*:pro:android:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.0.6"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2014-01-13T20:05Z"}