CVE-2012-1244 Information

Description

The NTT DOCOMO sp mode mail application 5400 and earlier for Android does not properly verify X.509 certificates from SSL servers which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Reference

http://jvn.jp/en/jp/JVN82029095/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000037 http://osvdb.org/81629 http://secunia.com/advisories/48955 http://www.securityfocus.com/bid/53254 https://exchange.xforce.ibmcloud.com/vulnerabilities/75159