CVE-2014-8610
AndroidManifest.xml in Android before 5.0.0 does not require the SENDSMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-message charges from a network operator for ol...