CVE-2014-8610 in Androidinformazioni

Riassunto

di MITRE

AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-message charges from a network operator for old messages, via a crafted application that broadcasts an intent with the com.android.mms.transaction.MESSAGE_SENT action, aka Bug 17671795.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Prenotare

04/11/2014

Divulgazione

15/12/2014

Moderazione

accettato

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.00342

KEV

no

Attività

molto basso

Fonti

Want to stay up to date on a daily basis?

Enable the mail alert feature now!