CVE-2015-9546
CVE-2015-9546 affects Samsung mobile devices running KK(4.4) and later through 2015-06-16. The issue arises when HTTP is used for an Inputmethod instead of HTTPS, allowing a man-in-the-middle to modify the client–server data stream and insert directory traversal sequences into an extracted file p...