16 matches found
EUVD-2018-6867
Malware in sbrugna...
EUVD-2018-6866
Malware in sbrugna...
EUVD-2018-6868
Malware in sbrugna...
Design/Logic Flaw
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging versionCode=1000110, versionName=1.0.001, android.20170630.092853-0 containing an exported...
Code injection
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging versionCode=1000110, versionName=1.0.001, android.20170630.092853-0 with an exported broadca...
CVE-2018-14984
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging versionCode=1000110, versionName=1.0.001, android.20170630.092853-0 with an exported broadca...
Design/Logic Flaw
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings versionCode=23, versionName=6.0-android.20170630.092853 that contains an exported...
CVE-2018-14986
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging versionCode=1000110, versionName=1.0.001, android.20170630.092853-0 containing an exported...
CVE-2018-14985
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings versionCode=23, versionName=6.0-android.20170630.092853 that contains an exported...
CVE-2018-14985
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings versionCode=23, versionName=6.0-android.20170630.092853 that contains an exported...
CVE-2018-14984
The CVE-2018-14984 entry describes a vulnerability on the Leagoo Z5C (Android 6.0) where a pre-installed app, com.android.messaging, contains an exported BroadcastReceiver (TrackerSender). Any co-located app, even with no permissions, can send a crafted broadcast to this component, triggering pro...
CVE-2018-14985
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings versionCode=23, versionName=6.0-android.20170630.092853 that contains an exported...
CVE-2018-14986
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging versionCode=1000110, versionName=1.0.001, android.20170630.092853-0 containing an exported...
CVE-2018-14984
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.messaging versionCode=1000110, versionName=1.0.001, android.20170630.092853-0 with an exported broadca...
CVE-2018-14985
The CVE-2018-14985 entry concerns the Leagoo Z5C (build sp7731c_1h10_32v4_bird:6.0) where a pre-installed platform app (com.android.settings, versionCode 23) contains an exported broadcast receiver that allows any on-device app to programmatically initiate a factory reset. The initiating app does...
CVE-2018-14986
The CVE-2018-14986 entry describes a vulnerability on the Leagoo Z5C: a pre-installed app com.android.messaging exposes an exported content provider (MessagingContentProvider) that allows any co-located, zero-permission app to read the most recent text messages from every conversation, including ...