5 matches found
CVE-2025-26453
In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-26453
CVE-2025-26453 concerns a cross-user information disclosure in Android Bluetooth code (BluetoothOppSendFileInfo.java) due to a logic error in isContentUriForOtherUser. The issue enables local information disclosure with no extra execution privileges and does not require user interaction. The prim...
CVE-2024-49728
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible cross user media disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-49728
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible cross user media disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2025-11051
Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The generateFileInfo function within BluetoothOppSendFileInfo.java may allow for cross-user media disclosure due to a confused deputy issue. This could result in local information disclosur...