4363 matches found
Android Master Key Bug Details Made Public
The details of the Android vulnerability that enables an attacker to create a malicious update to an APK file without breaking its cryptographic signature have become public but it appears as though Google will have a patch ready for the flaw by the time it’s fully disclosed early next month. The...
Android vulnerability allows hackers to modify apps without breaking signatures
Almost all Android handsets are vulnerable to a flaw that could allow hackers to seize control of a device to make calls, send texts, or build a mobile botnet, has been uncovered by Bluebox Security .i.e almost 900 million Android devices globally. Or simply, The Flaw allow hackers to modify any...
CVE-2013-0790
Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service stack memory corruption and application crash or possibly execute arbitrary code via unknown vectors involving a plug-in...
T-Mobile Wi-Fi Calling App vulnerable to Man-in-the-Middle attack
T-Mobile devices having a default Wi-Fi Calling feature that keeps you connected in areas with little or no coverage using Wi-Fi connection. But according to new finding by students Jethro Beekman and Christopher Thompson from University of California Berkeley, that this feature lets millions of...
CVE-2011-1352
The CVE-2011-1352 issue affects the PowerVR SGX driver used in Android prior to 2.3.6. A local attacker can trigger kernel memory corruption via the pvrsrvkm device by supplying crafted user data, enabling privilege escalation to root. Multiple connected sources (including Levitator exploit code,...
Monaca Debugger for Android information management vulnerability
Overview Monaca Debugger for Android contains an information management vulnerability. Monaca Debugger provided by Asial Corporation contains an issue where account information of the product or other information such as session IDs are saved in a log file. KuMaGa ShiRoIHi reported this...
PT-2012-6122 · Jpmorgan Chase · Chase Mobile Banking Application
Name of the Vulnerable Software and Affected Versions: Chase mobile banking application for Android affected versions not specified Description: The issue concerns a failure to verify the server hostname against the domain name in the X.509 certificate's Common Name CN or subjectAltName field. Th...
jigbrowser+ for Android vulnerable in the WebView class
Overview jigbrowser+ for Android contains a vulnerability in the WebView class. jigbrowser+ is a web browser for a smartphone. jigbrowser+ for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/...
Cybozu Live for Android vulnerable to arbitrary Java method execution
Overview Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc...
CVE-2012-2217
The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, EVO Design 4G before 2.12.651.5, Shift 4G before 2.77.651.3, EVO 3D before 2.17.651.5, EVO View 4G before 2.23.651.1, Vivid before 3.26.502.56, and Hero does not restrict localhost access to TCP port 2479, which allows remote...
CVE-2012-1387
Unspecified vulnerability in the RealTalk com.tmsmanager.tms application A.0.9.250 for Android has unknown impact and attack vectors...
CVE-2012-1382
Unspecified vulnerability in the Youdao Dictionary com.youdao.dict application 1.6.1, 2.0.12, and 3.0.01 for Android has unknown impact and attack vectors...
CVE-2012-1401
Unspecified vulnerability in the CamScanner com.intsig.camscanner application 1.2.2.20110823 and 1.3.2.20120116 for Android has unknown impact and attack vectors...
CVE-2012-1392
Unspecified vulnerability in the Dolphin Browser HD mobi.mgeek.TunnyBrowser application 6.2.0, 7.2.1, 7.3.0, and 7.4.0 for Android has unknown impact and attack vectors...
CVE-2012-1387
Unspecified vulnerability in the RealTalk com.tmsmanager.tms application A.0.9.250 for Android has unknown impact and attack vectors...
CVE-2012-1383
Unspecified vulnerability in the NetEase Reader com.netease.pris application 1.1.2 and 1.2.0 for Android has unknown impact and attack vectors...
CVE-2012-1387
Unspecified vulnerability in the RealTalk com.tmsmanager.tms application A.0.9.250 for Android has unknown impact and attack vectors...
HTC Android Vulnerability - Exposes Phone numbers, Gps, SMS, Emails etc
HTC Android Vulnerability - Exposes Phone numbers, Gps, SMS, Emails etc If you are running a HTC Android smartphone with the latest updates applied, chances are your personal data is freely accessible to any app you have given network access to in the form of full Internet permissions.This...
KLA10142 OSI vulnerability in Dropbox
Improper permission granting was found in Dropbox for Android. By exploiting this vulnerability malicious users can obtain dropbox session information. This vulnerability can be exploited remotely via a specially designed app. Original advisories Blog post Related products Dropbox-for-Android CVE...
Android vulnerability where an incorrect SSL certificate is displayed
Overview Android OS contains a vulnerability where an incorrect SSL certificate is displayed. Android OS contains a vulnerability where a SSL certificate from an outside site is displayed when a user attempts to display a SSL certificate from a site that reads in contents from an outside site...