Android is prone to an overflow condition. The vold daemon fails to properly sanitize user-supplied input when parsing specially crafted FrameworkCommands, causing a stack-based buffer overflow. When the overflow occurs, the exploit returns to a chain of return-oriented programming (ROP) gadgets that execute as root, escalating the attacker's privileges.
Android 2.2 (codenamed 'Froyo') contains over 80 high-risk flaws that may allow an attacker to take control of an Android device. No further details have been provided.
Android is prone to multiple security vulnerabilities, including:
1. Multiple security-bypass vulnerabilities
2. Multiple information-disclosure vulnerabilities
3. A file-overwrite vulnerability
Successful exploits allow an attacker to gain access to sensitive information, bypass certain security restrictions, or overwrite arbitrary files. Other attacks are also possible.