4 matches found
Huawei P7-L10 MeWidget Information Disclosure Vulnerability
The P7-L10 is a smartphone from the Chinese company Huawei.MeWidget is one of the desktop customization tools. An information disclosure vulnerability exists in the MeWidget plugin in Huawei P7-L10 V100R001C00B136 and earlier versions. The vulnerability can be exploited by an attacker with the he...
CVE-2014-9135
The PackageInstaller module in Huawei P7-L10 smartphones before V100R001C00B136 allows remote attackers to spoof the origin website and bypass the website whitelist protection mechanism via a crafted package...
Authentication flaw
The PackageInstaller module in Huawei P7-L10 smartphones before V100R001C00B136 allows remote attackers to spoof the origin website and bypass the website whitelist protection mechanism via a crafted package...
CVE-2014-9135
CVE-2014-9135 affects Huawei P7-L10 smartphones (pre-V100R001C00B136) where the PackageInstaller module can be tricked by a crafted package to spoof the origin website and bypass the website whitelist protection. The issue, described in Huawei’s HW PSIRT advisory HW-397472, indicates a validity c...