3 matches found
CVE-2019-2124
In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure...
CVE-2019-1995
In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure, sending files accessible to AOSP Mail to a remote email recipient, with no additional execution privileges...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information
The vulnerability in the mail/compose/ComposeActivity.java function of the AOSP Mail component in the Android operating system is related to the lack of protection for sensitive data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential informati...