CVE-2014-1978

Vulnerability

The NTT DOCOMO sp mode mail application contains an application link interface that allows exchange of mail data with external applications during email composition. When the user selects an application to link, the email contents and attachments are written to the SD card. This affects versions rev.6100 through rev.6300 for Android 4.0.x and earlier, and rev.6130 through rev.6700 for Android 4.1 through 4.4 [1][2].

Exploitation

An attacker must first install a malicious Android application on the victim's device. When the victim composes an email and uses the application link interface (e.g., to attach a file from another app), the email content and attachments are saved to the SD card. The malicious app can then read this data from the SD card without any additional permissions [1][2].

Impact

Successful exploitation allows the attacker to obtain the contents of emails that are in the process of being created, including any attachments. This results in unauthorized disclosure of sensitive information (confidentiality impact) [1][2].

Mitigation

The developer has stated that an update to fix this issue will not be provided. In later versions (rev.6400 and later for Android 4.0.x and earlier; rev.6800 and later for Android 4.1 and later), warnings about this behavior have been added to the consent agreement, the pop-up when first using the application link interface, and the help page. Users are advised to be cautious when using the application link interface and to avoid installing untrusted applications [1][2].