Native层漏洞列表 [SecurityFocus] (11)

BID/62512(发布:2013-09-16 12:00:00)MCOEPS
CVSS0.0

Google Android is prone to a remote security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks.

BID/54657(发布:2012-07-24 12:00:00)NMCOPS
CVSS5.0

Open Handset Alliance Android is prone to a remote DNS cache-poisoning vulnerability.
An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site.
Successfully exploiting this issue will allow attackers to poison the DNS cache and steal the victimâ??s cookies or perform site-impersonation; other attacks are also possible.
Android 4.0.4 and prior are vulnerable.

BID/54240(发布:2012-06-07 12:00:00)NMCOS
CVSS4.3

bionic is prone to a buffer-overflow vulnerability because it fails to properly bounds check user-supplied data.
An attacker can exploit this issue to execute arbitrary code within the context of affected applications that are using the affected library. Failed attacks will cause denial-of-service conditions.

BID/53380(发布:2012-05-03 12:00:00)MCOS
CVSSN/A

Android is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks.
Android 2.3.7 is vulnerable; other versions may also be affected.

BID/52177(发布:2012-02-27 12:00:00)MCOEPS
CVSSN/A

Open Handset Alliance Android is prone to a remote code-execution vulnerability.
Successful exploits will allow attackers to execute arbitrary code and take complete control of the device.
Android 2.2 is vulnerable; other versions may also be affected.

BID/50598(发布:2011-11-08 12:00:00)NMCOS
CVSS9.3

Android is prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue to gain elevated privileges on affected devices.
Android 2.2.x (Froyo) and Android 2.4.x (Gingerbread) are vulnerable.

12下一页尾页 第1页 / 共2页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站