Native层漏洞列表 (21)

CVE-2012-2808(发布:2015-04-01 06:59:00)NMCOPS
CVSS5.0

[CNNVD]Open Handset Alliance Android 远程DNS缓存投毒漏洞--Android是Google通过Open Handset Alliance发起的项目,用于为移动设备提供完整的软件集,包括操作系统、中间件等。 Open Handset Alliance Android中存在远程DNS缓存投毒漏洞。攻击者可利用该漏洞从合法网站转移数据到攻击者指定的站点,成功的利用将...

OSVDB/97520(发布:2013-09-15)MCOEPS
CVSSN/A

Android contains a flaw in the addJavascriptInterface method in the WebView class. The issue is triggered when viewing web content. This may allow a context-dependent attacker to gain access to arbitrary java methods.

OSVDB/86544(发布:2012-03-18)MCOEPS
CVSSN/A

Android contains a flaw that is triggered when the built in factory reset feature fails to properly remove all information from the system, when ran from either the recovery console or inside. This may allow a physically present attacker to gain access to potentially sensitive information from a locked device, by first performing a factory reset and then recovering the information.

OSVDB/80835(发布:2012-02-29)MCOEPS
CVSSN/A

The Google Android contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is due to an unspecified issue, allowing a context-dependent attacker to gain access to the device with root privileges.

OSVDB/86670(发布:2011-10-10)MCOEPS
CVSSN/A

Android is prone to an overflow condition. The vold daemon fails to properly sanitize user-supplied input when parsing specially crafted FrameworkCommands, causing a stack based buffer overflow. When the overflow occurs, the exploit returns to a chain of Return Oriented Exploitation (ROP) gaddgets that execute as root, escalating the attacker's privileges.

BID/45650(发布:)MCOEPS
CVSSN/A

暂无描述

1234下一页尾页 第1页 / 共4页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站