EUVD-2013-6570

Malware in sbrugna...

SUSE CVE-2014-1484

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application...

CVE-2012-4222

drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center QuIC Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service NULL pointer dereference via an application that uses crafted arguments in a local kgslioctl call...

CVE-2013-6768

Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse appprocess program via a crafted PATH environment variable for a /system/xbin/su process...

Design/Logic Flaw

Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an...

Design/Logic Flaw

Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse appprocess program via a crafted PATH environment variable for a /system/xbin/su process...

CVE-2013-6768

The CVE-2013-6768 entry describes an untrusted search path vulnerability in CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier. A crafted PATH for /system/xbin/su can trigger the Dalvik VM to launch a Trojan horse app_process, enabling privilege-related risk. C...

CVE-2013-6774

Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and Chainfire SuperSU package before 1.69 for Android 4.2.x and earlier allows attackers to load an...

CVE-2013-6774

CVE-2013-6774 describes an untrusted search path vulnerability in Android Superuser implementations (ChainsDD Superuser 3.1.3, CyanogenMod/ClockWorkMod/Koush Superuser 1.0.2.1, Chainfire SuperSU before 1.69) on Android 4.2.x and earlier. The issue arises because BOOTCLASSPATH can be crafted to lo...

Google Forces Handset Manufacturers to Ship Smartphone with latest Android version

Get bored with the older versions of Google’s Android Operating system? Then there is Good News for Android lovers! Google is putting an end to the older versions of Android newly manufactured Smartphone Handsets. According to a leaked Google Document, the Smartphone Manufacturers will be forced ...

CVE-2014-1484

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application...

Code injection

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application...

CVE-2014-1484

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application...

CVE-2014-1484

CVE-2014-1484 affects Mozilla Firefox on Android 4.2 and earlier, where system logs may contain profile paths, enabling a crafted application to access sensitive information. Connected docs reference the CVE within openSUSE Firefox ESR advisories and indicate fixes in later Firefox ESR updates (e...

Android 4.2.x Superuser Shell Character Escape

Vulnerable releases of two common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root, either without prompting the user or after the user has denied the request: - CyanogenMod/ClockWorkMod/Koush Superuser current releases, including v1.0.2.1 ...

CVE-2012-4222

drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center QuIC Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service NULL pointer dereference via an application that uses crafted arguments in a local kgslioctl call...

Null pointer dereference

diagcharcore.c in the Qualcomm Innovation Center QuIC Diagnostics aka DIAG kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service incorrect pointer dereference via an application that uses crafted arguments in a local diagcharioctl...

Null pointer dereference

drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center QuIC Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service NULL pointer dereference via an application that uses crafted arguments in a local kgslioctl call...

CVE-2012-4221

Integer overflow in diagcharcore.c in the Qualcomm Innovation Center QuIC Diagnostics aka DIAG kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local diagcharioctl call...

CVE-2012-4220

diagcharcore.c in the Qualcomm Innovation Center QuIC Diagnostics aka DIAG kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service incorrect pointer dereference via an application that uses crafted arguments in a local diagcharioctl...