原生漏洞列表 (105)

BID/47923(发布:2011-05-16 12:00:00)MCOEPS
CVSSN/A

Open Handset Alliance Android is prone to a security-bypass weakness due to a design error in its event model.
Attackers can leverage this issue to evade the scanning of their malicious applications by security products such as antivirus applications. This results in a false sense of security that can aid attackers in launching further attacks.

BID/46553(发布:2011-02-24 12:00:00)MCOEPS
CVSSN/A

Open Handset Alliance Android is prone to a security-bypass vulnerability due to a failure to restrict access to locked devices.
An attacker with physical access to a locked device can exploit this issue to bypass the passcode. Successful exploits may lead to other attacks.

BID/45048(发布:2010-11-25 12:00:00)MCOEPS
CVSSN/A

Android is prone to an information-disclosure vulnerability.
A remote attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.

BID/37723(发布:2010-01-12 12:00:00)MCOEPS
CVSSN/A

Android from Open Handset Alliance is prone to a security-bypass vulnerability because the screen lock may be bypassed.
Successful exploits can allow an attacker with physical access to a vulnerable phone to perform unauthorized actions or obtain sensitive information.
Android 2.0.1 running on the Motorola Droid phone is vulnerable.

BID/33695(发布:2009-02-09 12:00:00)MCOEPS
CVSSN/A

Open Handset Alliance Android (previously Google Android) is prone to multiple local vulnerabilities including a privilege-escalation issue, multiple integer-overflow issues, and a buffer-overflow issue.
Local attackers may be able to exploit these issues to gain elevated privileges on a vulnerable device or to execute arbitrary code within the context of the kernel. Failed attacks will likely cause denial-of-service conditions.
Android 1.0 as shipped with the T-Mobile G1 phone is vulnerable; other versions may also be affected.

BID/31946(发布:2008-10-24 12:00:00)MCOEPS
CVSSN/A

Android Web Browser is prone to an unspecified remote code-execution vulnerability.
Successful exploits allow attackers to execute arbitrary code in the context of the browser. Note that attackers can exploit this issue to compromise only the browser, which may result in information-disclosure attacks.
Reportedly, this issue stems from an older vulnerability in one of the third-party packages used by Android. No further details are currently available. We will update or retire this BID when more information emerges.
NOTE: The HTC T-Mobile G1 phone ships with a vulnerable version of Android and is also affected by this issue.

首页上一页678910111213下一页尾页 第8页 / 共18页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站