659 matches found
UBUNTU-CVE-2015-3845
The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, a...
CVE-2015-3845
The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, a...
CVE-2015-3845
CVE-2015-3845 affects Android Binder’s Parcel handling: the Parcel::appendFrom function in libs/binder/Parcel.cpp does not consider parcel boundaries when identifying binder objects, in Android versions before 5.1.1 LMY48M. The underlying flaw can allow a crafted application to obtain privileges ...
Threat Outbreak Alert RuleID18269: Email Messages Distributing Malicious Software on September 25, 2015
Medium Alert ID: 41219 First Published: 2015 September 25 15:56 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID18269 may contain the following files: Name ...
Threat Outbreak Alert RuleID18051: Email Messages Distributing Malicious Software on September 17, 2015
Medium Alert ID: 41065 First Published: 2015 September 17 14:00 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID18051 may contain the following files: Name ...
Android-libcutils library integer overflow leading to heap damage vulnerability discovery and exploit-vulnerability warning-the black bar safety net
Before reading this article, you best understand the Android Binder mechanism, for graphics system BufferQueue principle, the heap Manager jemalloc the basic principles. This article describes how to use the libcutils library stack damage vulnerability get systemserver permissions, this...
Threat Outbreak Alert RuleID17643: Email Messages Distributing Malicious Software on August 28, 2015
Medium Alert ID: 40721 First Published: 2015 August 28 20:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17643 may contain the following files: Name |...
CVE-2014-7911
luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.0 does not verify that deserialization will result in an object that met the requirements for serialization, which allows attackers to execute arbitrary code via a crafted...
Deserialization of untrusted data
luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.0 does not verify that deserialization will result in an object that met the requirements for serialization, which allows attackers to execute arbitrary code via a crafted...
CVE-2014-7911
CVE-2014-7911 affects Android's deserialization path in ObjectInputStream (Android before 5.0.0). The vulnerability allows an attacker to achieve arbitrary code execution via a crafted serialized object, invoked through an ArrayMap Parcel inside an intent to system_service, demonstrated by the fi...
Threat Outbreak Alert RuleID11446: Email Messages Distributing Malicious Software on September 8, 2014
Medium Alert ID: 35632 First Published: 2014 September 9 13:26 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID11446 may contain the following files: Name |...
Threat Outbreak Alert: Fake Parcel Notification Email Messages on December 6, 2013
Medium Alert ID: 32070 First Published: 2013 December 9 16:59 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a parcel for the recipient. The text in the email message attempts to convince the recipient to open the...
Threat Outbreak Alert: Fake UPS Parcel Notification Email Messages on August 15, 2013
Medium Alert ID: 30435 First Published: 2013 August 15 17:56 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a UPS parcel notification for the recipient. The text in the email message attempts to convince the recipient t...
Threat Outbreak Alert: Fake Package Delivery Information Email Messages on August 14, 2013
Medium Alert ID: 30406 First Published: 2013 August 14 13:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a UPS parcel notification for the recipient. The text in the email message attempts to convince the recipient t...
Threat Outbreak Alert: Fake UPS Parcel Notification Email Messages on August 13, 2013
Medium Alert ID: 30398 First Published: 2013 August 13 17:51 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a UPS parcel notification for the recipient. The text in the email message attempts to convince the recipient t...
Threat Outbreak Alert: Fake UPS Parcel Notification Email Messages on August 21, 2013
Medium Alert ID: 30330 First Published: 2013 August 6 20:28 GMT Last Updated: 2013 August 21 13:47 GMT Version: 4 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a UPS parcel notification for the recipient. The text in the email messag...
Threat Outbreak Alert: Fake FedEx Parcel Delivery Failure Notification Email Messages on July 10, 2013.
Medium Alert ID: 30033 First Published: 2013 July 11 12:31 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a FedEx parcel delivery failure notification for the recipient. The text in the email message attempts to convinc...
Threat Outbreak Alert: Fake FedEx Parcel Delivery Failure Notification Email Messages on May 11, 2015
Medium Alert ID: 25717 First Published: 2012 April 20 16:52 GMT Last Updated: 2015 May 12 14:46 GMT Version: 70 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a parcel delivery failure notification for the recipient. The text in the...
Threat Outbreak Alert: Fake UPS Payment Document Attachment Email Messages on January 21, 2014
Low Alert ID: 25171 First Published: 2012 February 13 15:22 GMT Last Updated: 2014 January 22 15:06 GMT Version: 53 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment document from the United Parcel Service UPS for the recipient...