CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0606
https://notcve.org/view.php?id=CVE-2009-0606
The link_image function in linker/linker.c in the dynamic linker in Bionic in Open Handset Alliance Android 1.0 on the T-Mobile G1 phone does not properly handle file descriptors 0, 1, and 2 for a setgid program, which allows local users to create arbitrary files owned by certain groups, possibly a related issue to CVE-2002-0820. La función link_image en linker/linker.c en the dynamic linker en Bionic en Open Handset Alliance Android v1.0 en el teléfono T-Mobile G1 no maneja adecuadamente los descriptores de fichero 0,1 y 2 para un programa setgid, lo que permite a usuarios locales crear ficheros de su elección que pertenecen a ciertos grupos, posiblemente es un caso relacionado con CVE-2002-0820. • http://www.securityfocus.com/archive/1/500753/100/0/threaded http://www.securityfocus.com/bid/33695 https://exchange.xforce.ibmcloud.com/vulnerabilities/48840 • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2009-0607
https://notcve.org/view.php?id=CVE-2009-0607
Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions. Múltiples desbordamientos de entero en malloc_leak.c en Bionic en Open Handset Alliance Android v1.0 tienen un impacto y vectores de ataque desconocidos, relacionado con las funciones (1)chk_calloc y (2)leak_calloc, • http://www.securityfocus.com/archive/1/500753/100/0/threaded http://www.securityfocus.com/bid/33695 https://exchange.xforce.ibmcloud.com/vulnerabilities/48841 • CWE-189: Numeric Errors •