15 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-3914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01,...
CVE-2022-20280
In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-21290
In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21290
CVE-2023-21290 affects Google Android (MmsProvider.java) and is due to a race condition that can bypass file permission checks. This enables local denial of service with no additional execution privileges and requires no user interaction to exploit. Public references indicate Android security bul...
CVE-2023-21268
In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2023-18049 · Google · Android
Name of the Vulnerable Software and Affected Versions: MmsProvider.java affected versions not specified Description: The issue is related to a path traversal error in the update of MmsProvider.java, which could lead to a change in directory permissions. This may result in a local denial of servic...
Path traversal
In update of MmsProvider.java, there is a possible constriction of directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersion...
CVE-2022-20453
In update of MmsProvider.java, there is a possible constriction of directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersion...
ASB-A-240685104
In update of MmsProvider.java, there is a possible constriction of directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2022-20280
In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20280
In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Sql injection
In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20280
In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-20280
CVE-2022-20280 affects Android 13, specifically the MMSProvider component. The issue is described as an SQL injection vulnerability caused by improper input validation that permits reading protected data, potentially exposing short message service (SMS) and multimedia message service (MMS) data. ...
Race condition
Race condition in providers/telephony/MmsProvider.java in Telephony in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application that modifies a database between two open...