CVE-2009-2348
Android 1.5 CRBxx allows local users to bypass CAMERA and AUDIO_RECORD permission checks by installing an app that does not request permissions before using the camera or microphone. Affected: all 1.5 CRBxx variants. Root cause: improper permission verification in Android’s runtime/device policy ...