| ID |
CVE-2016-0812
|
| Sažetak |
The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25229538. |
| Reference |
|
| CVSS |
| Base: | 6.6 |
| Impact: | 9.2 |
| Exploitability: | 3.9 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
COMPLETE |
COMPLETE |
|
| CVSS vektor |
AV:L/AC:L/Au:N/C:N/I:C/A:C |
| Zadnje važnije ažuriranje |
14-03-2016 - 15:41 |
| Objavljeno |
07-02-2016 - 01:59 |
