RSS   Vulnerabilities for 'Android'   RSS

2009-10-14
 
CVE-2009-3698

CWE-noinfo
 
 
An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656.

 
 
CVE-2009-2999

CWE-noinfo
 
 
The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656.

 
2009-08-03
 
CVE-2009-2656

 
 
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.

 
2009-07-17
 
CVE-2009-2348

CWE-94
 
 
Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone.

 
2009-05-26
 
CVE-2009-1754

CWE-287
 
 
The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application.

 

 >>> Vendor: Android 5 Products
Android sdk
Android browser
Android
Opencore
Play core library

Copyright 2024, cxsecurity.com

 

Back to Top