Vulnerabilities > CVE-2011-0680 - Unspecified vulnerability in Google Android
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging service.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 13 |
References
- http://twitter.com/GalaxySsupport/statuses/28078194607263744
- http://www.engadget.com/2011/01/22/nexus-one-gets-tiny-update-to-android-2-2-2-probably-fixes-sms/
- http://phandroid.com/2011/01/21/android-2-3-2-update-pushing-to-nexus-s-phone-fixes-sms-bug/
- http://www.htcphones.net/nexus-one-update-to-android-2-2-2/
- http://www.theinquirer.net/inquirer/news/1939386/google-updates-nexus-android-222
- http://www.samsunghub.com/2011/01/22/nexus-s-gets-android-2-3-2-fixes-sms-bug/
- http://www.securityfocus.com/bid/46105
- http://code.google.com/p/android/issues/detail?id=9392#c1620
- http://code.google.com/p/android/issues/detail?id=9392#c1460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65125
- http://android.git.kernel.org/?p=platform/packages/apps/Mms.git%3Ba=commit%3Bh=4d26623ce82230e8e7009adb921c5edea370a9e0
- http://android.git.kernel.org/?p=platform/packages/apps/Mms.git%3Ba=commit%3Bh=18d6b7e9d2e538fb3c0264332b96c02abf367267