) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:google:android:1.6:*:*:*:*:*:*:*
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2010-4804 |
The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/. Published: June 09, 2011; 6:36:27 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2011-1149 |
Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and ASHMEM_SET_PROT_MASK. Published: April 21, 2011; 6:55:01 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
| CVE-2011-0680 |
data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging service. Published: January 31, 2011; 3:00:51 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2010-1807 |
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. Published: September 10, 2010; 3:00:02 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |