Vulnerabilities > CVE-2009-2999 - Unspecified vulnerability in Google Android 1.5
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
References
- http://securitytracker.com/id?1022986
- http://www.ocert.org/advisories/ocert-2009-014.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53655
- http://www.securityfocus.com/archive/1/506948/100/0/threaded
- http://android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=46e23fe762d2143d60589ab6d39c4b47c2c754d1