Samsung Patches Six Critical Bugs in Flagship Handsets

Samsung began rolling out patches over the weekend to fix six critical bugs found in its flagship Android handsets as part of its May patch bulletin. Flaws range from a remote code execution bug to a buffer overflow vulnerability, plus a peek-and-poke command bug that leaves memory locations open...

Fuze Patches TPN Handset Vulnerabilties

Fuze, a maker of popular enterprise-grade voice-over-IP handsets, earlier this year patched three vulnerabilities that exposed user account information and enabled unauthorized authentication. The issues were made public today by researchers at Rapid7 who privately disclosed the flaws on April 12...

More than a Billion Snapdragon-based Android Phones Vulnerable to Hacking

More than a Billion of Android devices are at risk of a severe vulnerability in Qualcomm Snapdragon chip that could be exploited by any malicious application to gain root access on the device. Security experts at Trend Micro are warning Android users of some severe programming blunders in...

LG Handsets' App Update Doesn't Verify SSL Cert, Could Lead to Hijacking

Many smartphones manufactured by LG contain a vulnerability that can allow an attacker to replace an APK file with a malicious file of his choice. The problem is the result of several conditions on LG phones. Like other manufacturers, LG includes custom apps on its handsets, which are not availab...

CVE-2014-7252

The CVE-2014-7252 entry relates to multiple improper data validation vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processors. The Syslink driver, used in devices such as NTT DOCOMO ARROWS and SoftBank SHARP handsets, allows local users to execute arbitrary code or read ...

Motorola Bluetooth Interface Dialog Spoofing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17190/info Motorola mobile handsets are prone to a dialog-spoofing vulnerability when accepting Bluetooth communications. An attacker could exploit this issue to trick a user into granting them AT access to the device. Th...

Mediacoder (.m3u) - SEH Buffer Overflow

No description provided by source. !/usr/bin/python import os import sys from struct import pack from time import sleep if os.name == nt: os.systemcls os.systemcolor 3f else: os.systemclear print +Exploit Title: All Mediacoder Product SEH Buffer Overflow +Download All Product:...

Mediacoder .m3u SEH Buffer Overflow

!/usr/bin/python import os import sys from struct import pack from time import sleep if os.name == "nt": os.system"cls" os.system"color 3f" else: os.system"clear" print """ +Exploit Title: All Mediacoder Product SEH Buffer Overflow +Download All Product: http://www.mediacoderhq.com/editions.html...

Critical flaw in Viber app allows full access to Smartphones

More than 50 millions of Smartphone users worldwide are facing a risk posed by a critical flaw in Viber app. The security company Bkav announced that it has found a way to gain full access to Android phones using the popular Viber messaging app. Unlike the Samsung lockscreen issue we reported on...

Free Android encryption comes to Egypt, The revolution will be encrypted !

Free cellphone encryption is coming to Android users in Egypt courtesy of San Francisco software maker Whisper Systems. Until now, Redphone and TextSecure, voice- and text-encryption apps respectively, have generally been available in the US only. Whisper Systems has been working on making the...

Mobile Attacks Reign at Black Hat DC

ARLINGTON, VA–A number of researchers showed off interesting new attack techniques at the Black Hat DC conference this week, including one that enables an attacker to execute malicious code on handsets over the air. Perhaps the most interesting technique discussed at the show was a novel attack...

Data Consumption via Opera Mini Reaches 6.3 Petabytes

Opera releases monthly data generated by its users. In November 2010, Opera reported significant increases in unique users, pages viewed, and data consumed via its Mini browser. Around 80 million people used the Opera Mini browser in November, viewing 44.6 billion pages. According to Opera, its...

Don Bailey and Nick D' on GSM Hacking and Privacy

Dennis Fisher talks with Don Bailey of iSec Partners and Nick D’, an independent security researcher, about their recent work on geolocation and tracking of GSM mobile handsets and the privacy and security implications for users. Podcast audio courtesy of sykboy65 Subscribe to the Digital...

CVE-2008-1114

Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol PEAP, do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle MITM attacks...

Authentication flaw

Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol PEAP, do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle MITM attacks...

CVE-2008-1114

CVE-2008-1114 affects Vocera Communications wireless handsets when using PEAP; the client fails to validate the server certificate, enabling a remote wireless access point to perform MITM attacks and potentially capture hashed passwords. Root cause: lack of server-certificate validation in PEAP a...

CVE-2008-1114

Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol PEAP, do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle MITM attacks...

CVE-2007-5639

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service device hang via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server...

Motorola - BlueTooth Interface Dialog Spoofing

Motorola - BlueTooth Interface Dialog Spoofing source: https://www.securityfocus.com/bid/17190/info Motorola mobile handsets are prone to a dialog-spoofing vulnerability when accepting Bluetooth communications. An attacker could exploit this issue to trick a user into granting them AT access to t...