ID CVE-2016-3914Type cveReporter NVDModified 2016-11-28T15:13:50
Description
Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application that modifies a database between two open operations, aka internal bug 30481342.
{"hash": "6842294d38e669381f63f08555fa8258a886799cb824909e2441f4ffd051bcc0", "id": "CVE-2016-3914", "lastseen": "2016-12-01T02:27:20", "viewCount": 3, "hashmap": [{"hash": "65d5a89e1c9e4fd39cccde5dde742638", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "e644da1397771dec769921f560698cb4", "key": "cpe"}, {"hash": "199aa491091c08d2d41971544c0e040c", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "9ec7fd3d5655a549ab1262858db5f501", "key": "description"}, {"hash": "d234bb2a3074d1a21a654812713261cf", "key": "href"}, {"hash": "a4268a007517f7388fcc61baa85a71f5", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "b32a2f02132459bc92332f074f780edc", "key": "published"}, {"hash": "ed34f69f107499c1d1a16bcd47e96932", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "3e8eb297a501cc64456860693af98516", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "bulletinFamily": "NVD", "cpe": ["cpe:/o:google:android:6.0", "cpe:/o:google:android:5.1.0", "cpe:/o:google:android:4.2", "cpe:/o:google:android:4.1", "cpe:/o:google:android:4.4.2", "cpe:/o:google:android:4.0", "cpe:/o:google:android:4.4.1", "cpe:/o:google:android:4.0.3", "cpe:/o:google:android:4.3", "cpe:/o:google:android:4.0.4", "cpe:/o:google:android:5.0", "cpe:/o:google:android:4.2.1", "cpe:/o:google:android:7.0", "cpe:/o:google:android:4.2.2", "cpe:/o:google:android:5.1", "cpe:/o:google:android:4.3.1", "cpe:/o:google:android:6.0.1", "cpe:/o:google:android:4.1.2", "cpe:/o:google:android:4.0.2", "cpe:/o:google:android:4.4.3", "cpe:/o:google:android:5.0.1", "cpe:/o:google:android:4.0.1", "cpe:/o:google:android:4.4"], "assessment": {"system": "", "name": "", "href": ""}, "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "edition": 1, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}, "vulnersScore": 6.8}, "type": "cve", "description": "Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application that modifies a database between two open operations, aka internal bug 30481342.", "title": "CVE-2016-3914", "history": [], "objectVersion": "1.2", "cvelist": ["CVE-2016-3914"], "published": "2016-10-10T06:59:18", "references": ["https://android.googlesource.com/platform/packages/providers/TelephonyProvider/+/3a3a5d145d380deef2d5b7c3150864cd04be397f", "http://www.securityfocus.com/bid/93300", "http://source.android.com/security/bulletin/2016-10-01.html"], "reporter": "NVD", "scanner": [], "modified": "2016-11-28T15:13:50", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3914"}
{}
