2 matches found
CVE-2014-8610
The CVE describes a vulnerability in Android prior to 5.0.0 where AndroidManifest.xml does not require SEND_SMS for the SmsReceiver, allowing an unprivileged app to cause stored SMS messages to be resent or new draft SMS messages to be sent by broadcasting the com.android.mms.transaction.MESSAGE_...
Android SMS Resend
INTRODUCTION ================================== In Android 5.0, an unprivileged app can resend all the SMS stored in the user's phone to their corresponding recipients or senders without user interaction. No matter whether these SMS are sent to or received from other people. This may leads to...