50 matches found
Information disclosure
In AudioService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-39760
CVE-2021-39760 is described as a side-channel information disclosure in Android’s AudioService that can reveal whether an app is installed without query permissions. The impact is local information leakage with no extra execution privileges; user interaction is not required. Related connected doc...
CVE-2021-39760
In AudioService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that originates from a side-channel information disclosure in AudioService. The vulnerability can be exploited by attackers to cause local...
CVE-2021-1003
In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to change audio stream volume due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
CVE-2021-1003
In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to change audio stream volume due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
CVE-2021-1018
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...
Information disclosure
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...
Privilege escalation
In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to change audio stream volume due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
CVE-2021-1018
CVE-2021-1018 describes a local information-disclosure issue in Android 12: in AudioService.adjustStreamVolume, a side-channel could reveal whether an app is installed without query permissions, enabling limited information disclosure without extra privileges. Multiple connected records (NVD, Red...
CVE-2021-1018
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...
CVE-2021-1003
In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to change audio stream volume due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
CVE-2021-1003
The CVE-2021-1003 issue affects Android 12 in AudioService.java (adjustStreamVolume). The root cause is a confused deputy that allows an unprivileged app to change the audio stream volume, enabling local privilege escalation without extra execution privileges, and no user interaction is required ...
PUB-A-194110891
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...
CVE-2020-0314
In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920...
Information disclosure
In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920...
CVE-2020-0314
CVE-2020-0314 affects Android 11 AudioService, where missing permission checks could enable local disclosure of audio configuration without extra execution privileges. The root cause is insufficient permission validation in AudioService, with exploitation not requiring user interaction. Documente...
CVE-2020-0314
In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920...
CVE-2017-18682
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.0 software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a system crash, The Samsung IDs are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117 March 2017...
CVE-2017-18682
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.0 software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a system crash, The Samsung IDs are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117 March 2017...