CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-10135
https://notcve.org/view.php?id=CVE-2016-10135
An issue was discovered on LG devices using the MTK chipset with L(5.0/5.1), M(6.0/6.0.1), and N(7.0) software, and RCA Voyager Tablet, BLU Advance 5.0, and BLU R1 HD devices. The MTKLogger app with a package name of com.mediatek.mtklogger has application components that are accessible to any application that resides on the device. Namely, the com.mediatek.mtklogger.framework.LogReceiver and com.mediatek.mtklogger.framework.MTKLoggerService application components are exported since they contain an intent filter, are not protected by a custom permission, and do not explicitly set the android:exported attribute to false. Therefore, these components are exported by default and are thus accessible to any third party application by using android.content.Intent object for communication. These application components can be used to start and stop the logs using Intent objects with embedded data. • http://www.securityfocus.com/bid/96846 https://lgsecurity.lge.com/security_updates.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5558
https://notcve.org/view.php?id=CVE-2007-5558
Integer overflow in the LG Mobile handset allows remote attackers to cause a denial of service (reboot) via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. Desbordamiento de entero en el terminal LG Mobile permite a atacantes remotos provocar una denegación de servicio (reinicio) mediante un paquete HTTP manipulado. NOTA: a fecha de 16/10/2007, la única revelación es un vago preaviso sin información de uso inmediato. • http://www.irmplc.com/index.php/111-Vendor-Alerts • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2005-1132
https://notcve.org/view.php?id=CVE-2005-1132
LG U8120 mobile phone allows remote attackers to cause a denial of service (device crash) via a malformed MIDI file. • http://securitytracker.com/id?1013777 http://www.securityfocus.com/archive/1/395714 http://www.securityfocus.com/bid/13154 https://exchange.xforce.ibmcloud.com/vulnerabilities/20091 •