原生漏洞列表 (105)

BID/56392(发布:2012-11-05 12:00:00)MCOEPS
CVSSN/A

Android is prone to an SMS-spoofing vulnerability.
An attacker may exploit this vulnerability to send spoofed SMS contents to a victim that seem to originate from a trusted user. This allows a remote attacker to carry out phishing attacks. Other attacks may be possible.
Android versions 1.6 (Donut) through 4.1 (Jelly Bean) are vulnerable.

BID/52568(发布:2012-03-19 12:00:00)MCOEPS
CVSSN/A

Android is prone to an information-disclosure vulnerability.
This may result in a false sense of security if users wipe their phone data and expect this data to be completely erased from the device.
An attacker with physical access can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.

BID/51909(发布:2012-02-08 12:00:00)MCOEPS
CVSSN/A

Open Handset Alliance Android is prone to the following vulnerabilities:
1. A security weakness.
2. A cross-site scripting vulnerability.
3. Multiple cross-domain scripting vulnerabilities.
Successfully exploiting these issues may allow an attacker to bypass the same-origin protection and obtain potentially sensitive information, execute arbitrary script code in the browser of an unsuspecting user, steal cookie-based authentication credentials, and perform certain administrative actions in the vulnerable application.

BID/49709(发布:2011-09-20 12:00:00)MCOEPS
CVSSN/A

Open Handset Alliance Android is prone to local privilege-escalation and security-bypass vulnerabilities.
A local attacker can exploit the security-bypass issue to install arbitrary applications on the device, without sufficient privileges.
A local attacker can also exploit the privilege-escalation issue to elevate privileges, leading to a complete compromise of the device.

BID/48940(发布:2011-07-29 12:00:00)MCOEPS
CVSSN/A

Open Handset Alliance Android is prone to a security vulnerability that may allow attackers to spoof SSL certificates.
Attackers can exploit this issue to display incorrect SSL certificates. Successful exploits will cause victims to assume that they are viewing a legitimate site.

BID/47892(发布:2011-05-17 12:00:00)MCOEPS
CVSSN/A

Open Handset Alliance Android is prone to a privilege-escalation vulnerability.
Successfully exploiting this issue can allow attackers to bypass sandbox protections and perform actions with elevated privileges on less privileged applications.

首页上一页56789101112下一页尾页 第7页 / 共18页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站