Vulnerability CVE-2014-8507
Published: 2014-12-15

Description:
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary SQL commands, and consequently launch an activity or service, via the (1) wapAppId or (2) contentType field of a PDU for a malformed WAPPush message, aka Bug 17969135.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Android WAPPushManager SQL Injection
Baidu X-Team
26.11.2014

Type:

CWE-89

 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Google -> Android 

 References:
https://android.googlesource.com/platform/frameworks/base/+/48ed835468c6235905459e6ef7df032baf3e4df6
http://xteam.baidu.com/?p=167
http://www.securityfocus.com/bid/71310
http://seclists.org/fulldisclosure/2014/Nov/86
http://packetstormsecurity.com/files/129283/Android-WAPPushManager-SQL-Injection.html
Copyright 2024, cxsecurity.com

 

Back to Top