原生漏洞列表 (105)

OSVDB/85806(发布:2012-09-24)MCOEPS
CVSSN/A

The Android Dialer contains a flaw that is triggered during the handling of certain Unstructured Supplementary Service Data (USSD) codes from a web page that contains a specially crafted 'tel:' URI. This may allow a context-dependent attacker to reset the device back to factory settings.

OSVDB/84477(发布:2012-04-09)MCOEPS
CVSSN/A

Android Framework contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the URI ACTION_VIEW Intent action passes arbitrary information to a remote attacker, even in cases where no permissions are required to export information have been granted.

OSVDB/84478(发布:2012-04-09)MCOEPS
CVSSN/A

The Android Framework contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user installs a malicious Android application that requires no permissions. Due to a flaw in permission management, the malicious application may be able to scan the device's SD card, fetch the /data/system/packages.list file, and bypass the PHONE_STATE permission. This information can then be sent to a remote server, potentially disclosing sensitive information.

OSVDB/86544(发布:2012-03-18)MCOEPS
CVSSN/A

Android contains a flaw that is triggered when the built in factory reset feature fails to properly remove all information from the system, when ran from either the recovery console or inside. This may allow a physically present attacker to gain access to potentially sensitive information from a locked device, by first performing a factory reset and then recovering the information.

OSVDB/80835(发布:2012-02-29)MCOEPS
CVSSN/A

The Google Android contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is due to an unspecified issue, allowing a context-dependent attacker to gain access to the device with root privileges.

OSVDB/77999(发布:2011-12-21)MCOEPS
CVSSN/A

暂无描述

首页上一页345678910下一页尾页 第5页 / 共18页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站