Lucene search

PRIOn knowledge basePRION:CVE-2009-2999

HistoryOct 14, 2009 - 10:30 a.m.

Design/Logic Flaw

2009-10-1410:30:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.3%

JSON

The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656.

CPENameOperatorVersion
androideq1.5

CPE	Name	Operator	Version
	android	eq	1.5

References

android.git.kernel.org/?p=platform/frameworks/base.git;a=commit;h=46e23fe762d2143d60589ab6d39c4b47c2c754d1

securitytracker.com/id?1022986

www.ocert.org/advisories/ocert-2009-014.html

www.securityfocus.com/archive/1/506948/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/53655

6.9 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.3%

JSON

Related for PRION:CVE-2009-2999