5 matches found
CVE-2017-2694
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experienc...
CVE-2017-2694
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experienc...
Code injection
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experienc...
CVE-2017-2694
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experienc...
Huawei HwVmall Local Security Bypass Vulnerability
Huawei HwVmall is a set of e-commerce platform for national service. A security vulnerability exists in the AlarmService service component in Huawei HwVmall versions prior to 1.5.2.0. The vulnerability stems from the fact that the program does not have invocation privilege control, and can be...