Vulnerabilities > Google > Android > 4.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-15 | CVE-2014-8507 | SQL Injection vulnerability in Google Android Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary SQL commands, and consequently launch an activity or service, via the (1) wapAppId or (2) contentType field of a PDU for a malformed WAPPush message, aka Bug 17969135. | 7.5 |
2014-09-04 | CVE-2014-6060 | Resource Management Errors vulnerability in multiple products The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again. | 3.3 |
2014-03-31 | CVE-2013-6770 | Permissions, Privileges, and Access Controls vulnerability in multiple products The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not properly restrict the set of users who can execute /system/xbin/su with the --daemon option, which allows attackers to gain privileges by leveraging ADB shell access and a certain Linux UID, and then creating a Trojan horse script. | 7.6 |
2014-03-19 | CVE-2014-1979 | Code Injection vulnerability in Nttdocomo Spmode Mail Android The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 through 6620 for Android 4.1 through 4.4 allows remote attackers to execute arbitrary Java methods via Deco-mail emoticon POP data in an e-mail message. | 6.8 |
2014-03-19 | CVE-2014-1978 | Permissions, Privileges, and Access Controls vulnerability in Nttdocomo Spmode Mail Android The application link interface in the NTT DOCOMO sp mode mail application 6100 through 6300 for Android 4.0.x and 6130 through 6700 for Android 4.1 through 4.4 writes message content to the SD card during e-mail composition, which allows attackers to obtain sensitive information via a crafted application. | 4.3 |
2014-03-19 | CVE-2014-1977 | Permissions, Privileges, and Access Controls vulnerability in Nttdocomo Spmode Mail Android The NTT DOCOMO sp mode mail application 6300 and earlier for Android 4.0.x and 6700 and earlier for Android 4.1 through 4.4 uses weak permissions for attachments during processing of incoming e-mail messages, which allows attackers to obtain sensitive information via a crafted application. | 4.3 |