287 matches found
CVE-2016-2440
CVE-2016-2440 affects Android’s Binder component, specifically the code path in libs/binder/IPCThreadState.cpp within Binder. The description indicates that object references are mishandled, allowing a crafted application to gain privileges (elevation of privilege) on affected Android versions. A...
Android 5. x vulnerability: the hacker can bypass the screen password to enter the system-vulnerability warning-the black bar safety net
Many Android users will choose to use a lock screen password protect the device, but the latest burst of vulnerability was shocking: any person who without complex operation can bypass the lock screen directly into your system! An attacker can exploit the pilot gets a lock on the device all the...
Google Android Stagefright MP4 Multiple Atoms Integer Overflow (CVE-2015-1538; CVE-2015-3824; CVE-2015-3829; CVE-2015-3864)
A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer overflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target or to crea...
Android Broadcast Assembly permission bypass vulnerability-vulnerability warning-the black bar safety net
Lolipop source code has been released some days, I found google in Android 5.0 on the Fix a high risk vulnerability, exploit the vulnerability you can send any broadcast: not only can you send a system protection level of the broadcast, you can also ignore receiver android:exported=false...
Patched Code-Execution Bug Affects Most Android Users
A serious code-execution vulnerability in Android 4.3 and earlier was patched in KitKat, the latest version of the operating system. Researchers at IBM this week disclosed the nature of the vulnerability, which was privately disclosed to the Android Security Team in September and patched last...
EUVD-2011-3872
The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service reboot loop via a crafted application...
Backdoor in Android for No-Permissions Reverse Shell
Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas...