原生漏洞列表 (105)

OSVDB/91277(发布:2013-03-14)MCOEPS
CVSSN/A

Google Android contains a flaw in the default browser that may lead to unauthorized disclosure of sensitive information. This issue is due to the insecure handling of the login form. With a specially crafted website or when connecting to a malformed WiFi access point and subsequently viewing a webpage that requires login credentials, a context-dependent attacker can gain access to stored credential information for websites.

OSVDB/91279(发布:2013-03-14)MCOEPS
CVSSN/A

Google Android contains a flaw in the default browser that may lead to unauthorized disclosure of sensitive information to a remote attacker. The issue is due to the system allowing any application to access stored passwords and potentially cookies within the default browser.

OSVDB/91285(发布:2013-03-14)MCOEPS
CVSSN/A

Google Android contains a flaw due to the CHANGE_NETWORK_STATE permission that may allow an application to manipulate objects and data in the routing tables. With a specially crafted application that would be considered harmless by many, a remote attacker can more easily compromise a users system.

OSVDB/91284(发布:2013-03-14)MCOEPS
CVSSN/A

Google Android contains a flaw that may allow an application stored on the SD card to hide their permissions from the user. Note that both the researcher and the vendor suggest that while this is a theoretical issue, neither can come up with a current attack scenario that leverages this bug.

OSVDB/91283(发布:2013-03-14)MCOEPS
CVSSN/A

Google Android contains a flaw that leads to unauthorized privileges being gained. In certain unspecified situations this issue may allow an application to replace the native code of another application and gain the privileges that are associated with it. This may allow a remote attacker to potentially execute arbitrary code as well.

OSVDB/91282(发布:2013-03-14)MCOEPS
CVSSN/A

Google Android contains a flaw that is due to applications being given the MOUNT_FORMAT_FILESYSTEMS permissions. This may allow malicious applications to enumerate which file or directory is currently in use.

首页上一页12345678下一页尾页 第3页 / 共18页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站