Page 126 of 765 results (0.005 seconds)

CVSS: 7.2EPSS: 0%CPEs: 17EXPL: 6

The addAccount method in src/com/android/settings/accounts/AddAccountSettings.java in the Settings application in Android before 5.0.0 does not properly create a PendingIntent, which allows attackers to use the SYSTEM uid for broadcasting an intent with arbitrary component, action, or category information via a third-party authenticator in a crafted application, aka Bug 17356824. El método addAccount en src/com/android/settings/accounts/AddAccountSettings.java en la aplicación Settings en Android anterior a 5.0.0 no crea correctamente un PendingIntent, lo que permite a atacantes utilizar la uid SYSTEM para emitir un intento con información arbitraria de componentes, acciones o categorías a través de un autenticador tercera parte en una aplicación manipulada, también conocido como Bug 17356824. In Android versions prior to 5.0 and possibly greater than and equal to 4.0, Settings application leaks Pendingintent with a blank base intent (neither the component nor the action is explicitly set) to third party applications. Due to this, a malicious app can use this to broadcast intent with the same permissions and identity of the Settings application, which runs as SYSTEM uid. • https://github.com/MazX0p/CVE-2014-8609-POC https://github.com/ratiros01/CVE-2014-8609-exploit https://github.com/locisvv/Vulnerable-CVE-2014-8609 http://packetstormsecurity.com/files/129281/Android-Settings-Pendingintent-Leak.html http://seclists.org/fulldisclosure/2014/Nov/81 http://xteam.baidu.com/?p=158 https://android.googlesource.com/platform/packages/apps/Settings/+/f5d3e74ecc2b973941d8adbe40c6b23094b5abb7 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 3.3EPSS: 0%CPEs: 96EXPL: 0

The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again. La función get_option en dhcpcd 4.0.0 hasta 6.x anterior a 6.4.3 permite a servidores DHCP remotos causar una denegación de servicio mediante la restablecimiento de la opción DHO_OPTIONSOVERLOADED en la sección (1) bootfile o (2) servername, lo que provoca que la opción se vuelva a procesar. • http://advisories.mageia.org/MGASA-2014-0334.html http://roy.marples.name/projects/dhcpcd/ci/1d2b93aa5ce25a8a710082fe2d36a6bf7f5794d5?sbs=0 http://source.android.com/security/bulletin/2016-04-02.html http://www.mandriva.com/security/advisories?name=MDVSA-2014:171 http://www.openwall.com/lists/oss-security/2014/07/30/5 http://www.openwall.com/lists/oss-security/2014/09/01/11 http://www.securityfocus.com/bid/68970 http://www.slackware.com/security/viewer.php?l=slackware-security&y=20 • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 0%CPEs: 221EXPL: 0

Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen. Mozilla Firefox anterior a 29.0 en Android permite a atacantes remotos falsificar la barra de direcciones a través de código Java manipulado que utiliza eventos DOM para prevenir la reaparición de la barra de direcciones verdadera después de que desplazamiento lo ha sacado de la pantalla. • http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html http://www.mozilla.org/security/announce/2014/mfsa2014-40.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.securitytracker.com/id/1030163 https://bugzilla.mozilla.org/show_bug.cgi?id=960146 •

CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 1

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in Android before 4.4 and other products, when no seed is provided by the user, uses an incorrect offset value, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the resulting PRNG predictability, as exploited in the wild against Bitcoin wallet applications in August 2013. La función engineNextBytes en classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java en la implementación SecureRandom en Apache Harmony hasta 6.0M3, utilizado en Java Cryptography Architecture (JCA) en Android anterior a 4.4 y otros productos, cuando el usuario no proporciona una semilla, la función usa utiliza un valor de desplazamiento incorrecto, lo que facilita a un atacante poder anular los mecanismos de protección criptográfica mediante el aprovechamiento de la previsibilidad PRNG resultante, tal y como se demostró activamente contra las aplicaciones Bitcoin Wallet en agosto 2013. • http://android-developers.blogspot.com.au/2013/08/some-securerandom-thoughts.html http://www.nds.rub.de/media/nds/veroeffentlichungen/2013/03/25/paper_2.pdf https://android.googlesource.com/platform/libcore/+/kitkat-release/luni/src/main/java/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java https://bitcoin.org/en/alert/2013-08-11-android • CWE-310: Cryptographic Issues •

CVSS: 7.5EPSS: 0%CPEs: 40EXPL: 0

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications. Android anterior a 4.4 no ejecuta debidamente la creación de semillas del PRNG OpenSSL, lo que facilita a atacantes anular mecanismos de protección criptográficos mediante el aprovechamiento del uso del PRNG dentro de múltiples aplicaciones. • http://android-developers.blogspot.com.au/2013/08/some-securerandom-thoughts.html http://emboss.github.io/blog/2013/08/21/openssl-prng-is-not-really-fork-safe http://marc.info/?l=openssl-dev&m=130289811108150&w=2 http://marc.info/?l=openssl-dev&m=130298304903422&w=2 http://www.reddit.com/r/Android/comments/1k6f03/due_to_a_serious_encryptionrng_flaw_in_android/cblvum5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •