CVE-2016-7988

The CVE describes an issue on Samsung Galaxy devices (S4–S7) where the BroadcastReceiver for com.[Samsung].android.intent.action.SET_WIFI lacks required permissions. This permits unsolicited configuration messages to be processed by wifi-service.jar within the Android Framework, as part of the vu...

CVE-2016-7988

On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.Samsung.android.intent.action.SETWIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of...

Android Framework Listener Elevation of Privilege Vulnerability

Android is an open source operating system based on Linux. A security vulnerability in the libsysutils/src/FrameworkListener.cpp file in Android's Framework Listener allows remote attackers to exploit the vulnerability to build malicious applications with elevated privileges...

Android framework APIs elevation of privilege vulnerability (CNVD-2016-09514)

Android is an open source operating system based on Linux. Android's framework APIs have security vulnerabilities that allow remote attackers to build malicious applications with elevated privileges...

CVE-2016-3912

The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allow attackers to gain privileges via a crafted application, aka internal bug 30202481...

UBUNTU-CVE-2016-3912

The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allow attackers to gain privileges via a crafted application, aka internal bug 30202481...

UBUNTU-CVE-2016-3832

The framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 do not ensure that package data originated from the Package Manager, which allows attackers to bypass an unspecified protection mechanism via a crafted application, aka internal bug...

Google Android Framework APIs Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. There is a security vulnerability in the Android Framework APIs, which can be exploited by remote attackers to build special applications, induce application parsing, and elevate...

Android Framework APIs Component Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA.Framework APIs are one of the API components used to create the framework. A power lifting vulnerability exists in the Framework APIs component in Android. An attacker can exploit...

Android Framework APIs Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA.Framework APIs are one of the API components used to create the framework. A power lifting vulnerability exists in Android's Framework APIs. An attacker can exploit this...

Android Framework UI Permission Dialog Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA in the U.S. Framework UI is a UI framework component used in it. An elevation of privilege vulnerability exists in the Framework UI privilege dialog box in Android versions prior to...

Android Framework Component Information Disclosure Vulnerability

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. An information disclosure vulnerability exists in the Framework component of Android, which can be exploited by a local attacker to obtain sensitive information...

The Android framework layer vulnerability-Fragment injection-vulnerability warning-the black bar safety net

Original: A New Vulnerability in the Android Framework: Fragment Injection Source: http://securityintelligence.com/new-vulnerability-android-framework-fragment-injection/comments Author: Roee Hay,IBM's Application Security Research Team Time: 2013.12.10 Recently we to the Android security team ha...