← voltar
CVE-2013-6272

CVE-2013-6272

EPSS 1.5%
The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/127359/Android-OS-Authorization-Missing.htmlhttps://curesec.com/blog/article/blog/35.htmlhttp://seclists.org/fulldisclosure/2014/Jul/13https://exchange.xforce.ibmcloud.com/vulnerabilities/94423http://www.securityfocus.com/bid/68415