50 matches found
Code injection
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.0 software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a system crash, The Samsung IDs are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117 March 2017...
CVE-2017-18682
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.0 software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a system crash, The Samsung IDs are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117 March 2017...
CVE-2017-18682
The CVE-2017-18682 entry concerns Samsung mobile devices across KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) where AudioService can crash the system due to incorrect exception handling and an unprotected intent. Affected Samsung identifiers are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117. Connecte...
CVE-2020-0047
In setMasterMute of AudioService.java, there is a missing permission check. This could lead to local silencing of audio with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141622311...
Design/Logic Flaw
In setMasterMute of AudioService.java, there is a missing permission check. This could lead to local silencing of audio with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141622311...
CVE-2020-0047
CVE-2020-0047 affects Android 10; a missing permission check in AudioService.java (setMasterMute) allows local silencing of audio without extra execution privileges or user interaction. The issue is documented as Elevation of Privilege with likely impact limited to audio control. Public reference...
CVE-2019-9364
In AudioService, there is a possible trigger of background user audio due to a permissions bypass. This could lead to local information disclosure by playing the background user's audio with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
Information disclosure
In AudioService, there is a possible trigger of background user audio due to a permissions bypass. This could lead to local information disclosure by playing the background user's audio with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
CVE-2019-9364
CVE-2019-9364 affects Android 10 via AudioService. The issue is a permissions bypass that can trigger background user audio, leading to local information disclosure without additional privileges. Exploitation details are not provided beyond the described local disclosure; no explicit on-device ex...
CVE-2019-9364
In AudioService, there is a possible trigger of background user audio due to a permissions bypass. This could lead to local information disclosure by playing the background user's audio with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...