CVE-2016-6910 in Galaxy S6 Edgeinfo

Zusammenfassung

von MITRE

The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even after the device has been upgraded to an Android 5.1.1 or 6.0.1 build. The vulnerable system app gives a non-existent app the ability to read the notifications from the device, which a third-party app can utilize if it uses a package name of com.samsung.android.app.portalservicewidget. This vulnerability allows an unprivileged third-party app to obtain the text of the user's notifications, which tend to contain personal data.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

22.08.2016

Veröffentlichung

23.12.2016

Moderieren

akzeptiert

Eintrag

VDB-94663

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

5.5 (NVD)

EPSS

0.00088

KEV

nein

Aktivitäten

very low

Sektor

Police, Homeoffice, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-6910
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-6910
CVE Details	https://www.cvedetails.com/cve/CVE-2016-6910/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!