| ID | CVE-2014-8610 | ||||||
| Sažetak | AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-message charges from a network operator for old messages, via a crafted application that broadcasts an intent with the com.android.mms.transaction.MESSAGE_SENT action, aka Bug 17671795. | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:L/AC:M/Au:N/C:P/I:P/A:N | ||||||
| Zadnje važnije ažuriranje | 16-12-2014 - 20:06 | ||||||
| Objavljeno | 15-12-2014 - 18:59 |
