32 matches found
EUVD-2013-4611
Malware in sbrugna...
EUVD-2016-8838
Malware in sbrugna...
EUVD-2013-4610
Malware in sbrugna...
CVE-2013-4764
Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission...
CVE-2013-4763
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission...
Code injection
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission...
CVE-2016-4030
Samsung SM-G920F build G920FXXU2COH2 Galaxy S6, SM-N9005 build N9005XXUGBOK6 Galaxy Note 3, GT-I9192 build I9192XXUBNB1 Galaxy S4 mini, GT-I9195 build I9195XXUCOL1 Galaxy S4 mini LTE, and GT-I9505 build I9505XXUHOJ2 Galaxy S4 devices have unintended availability of the modem in USB configuration...
Samsung Galaxy S4-S7 Device Denial of Service Vulnerability
The Samsung Galaxy S4 and others are smart mobile devices released by the South Korean company Samsung Samsung. A denial of service vulnerability exists in Samsung Galaxy S4 to S7 devices. An attacker can exploit the vulnerability to cause a sustained Android system crash, rendering the device...
Unauthorized Modification Vulnerability in Samsung Galaxy S4 to S7 Devices
The Samsung Galaxy S4 and others are smart mobile devices released by the South Korean company Samsung Samsung. An unauthorized modification vulnerability exists in Samsung Galaxy S4 to S7 devices. The vulnerability stems from the program ignoring security information embedded in OMACP messages. ...
CVE-2016-7989
On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually...
CVE-2016-7988
On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.Samsung.android.intent.action.SETWIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of...
Code injection
On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.Samsung.android.intent.action.SETWIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of...
Design/Logic Flaw
On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually...
CVE-2016-7988
On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.Samsung.android.intent.action.SETWIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of...
CVE-2016-7990
On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages within WAP Push SMS messages leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of SVE-2016-6542...
Samsung KNOX 1.0 Weak eCryptFS Key Generation
Subject: CVE-2016-1919 Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3 Vulnerability Description ========================= The vulnerability allows disclosure of Data-at-Rest of Samsung KNOX 1.0 containers. KNOX container data is encrypted using eCryptFS containers. The...
Samsung S4 GT-I9500 Memory Corruption Vulnerability
The Samsung S4 GT-I9500 is a smartphone released by the South Korean company Samsung. The 's3cfbextdspioctl' in the drivers/video/samsungextdisp/s3cfbextdspops.c file of the Samsung S4 GT-I9500 I9500XXUEMK8 release A memory corruption vulnerability exists in the function, allowing a local attacke...
Samsung Galaxy KNOX Android Browser Remote Code Execution Exploit
This Metasploit module exploits a vulnerability that exists in the KNOX security component of the Samsung Galaxy firmware that allows a remote webpage to install an APK with arbitrary permissions by abusing the 'smdm://' protocol handler registered by the KNOX component. The vulnerability has bee...
Samsung Galaxy KNOX Android Browser - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'digest/md5' class Metasploit3 0|1 if an HTTP request has been made to download a payload of that ID attrreader :servedpayloads def...
Fake Cell Phone Towers Could Be Intercepting Your Calls
A notable number of cell phone towers around the United States are rogue that, according to latest report, could spoof legitimate towers and intercept calls. The research carried out by ESD America, a defense and law enforcement technology firm based in Las Vegas, shows that a rogue cell phone...