Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

google android 3.0 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2011-2344
Android Picasa in Android 3.0 and 2.x through 2.3.4 uses a cleartext HTTP session when transmitting the authToken obtained from ClientLogin, which allows remote attackers to gain privileges and access private pictures and web albums by sniffing the token from connections with...
Google Android 2.2Google Android 2.3.4Google Android 3.0Google Android 2.3Google Android 2.2.1Google Android 2.1Google Android 2.2.2Google Android 2.3.3
NA
CVE-2011-1823
The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in...
Google Android 3.0Google Android 2.3Google Android 2.3.2Google Android 2.3.1Google Android 2.2Google Android 2.2.2Google Android 2.3.3Google Android 2.1Google Android 2.2.3Google Android 2.2.1
NA
CVE-2013-4710
Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary methods of Java objects or cause a denial of service (reboot) via a crafted web...
Google Android 4.0Google Android 3.2.6Google Android 3.2.4Google Android 3.2.2Google Android 4.0.4Google Android 4.0.2Google Android 3.2Google Android 3.0Google Android 4.1.2Google Android 4.1Google Android 4.0.3Google Android 4.0.1Google Android 3.2.1Google Android 3.1
NA
CVE-2012-4222
drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference) via an application that uses crafted arguments in a local kgsl_ioctl call....
Google Android 3.1Google Android 3.2Google Android 3.0Google Android 3.2.2Google Android 2.3.5Google Android 2.3.7Google Android 3.2.6Google Android 4.0Google Android 4.0.1Google Android 2.3Google Android 2.3.1Google Android 2.3.2Google Android 2.3.3Google Android 4.1Google Android 4.0.4Google Android 4.0.3Google Android 4.0.2Google Android 2.3.4Google Android 2.3.6Google Android 3.2.1Google Android 3.2.4Google Android 4.2
NA
CVE-2012-4220
diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via an application that uses crafted arguments...
Google Android 2.3.3Google Android 2.3.5Google Android 2.3.7Google Android 3.2.2Google Android 3.2.6Google Android 4.0.1Google Android 2.3Google Android 3.1Google Android 3.2Google Android 3.0Google Android 2.3.1Google Android 2.3.2Google Android 4.0Google Android 4.1Google Android 4.0.4Google Android 4.0.3Google Android 2.3.4Google Android 2.3.6Google Android 3.2.1Google Android 3.2.4Google Android 4.0.2Google Android 4.2
NA
CVE-2012-4221
Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local...
Google Android 2.3Google Android 2.3.1Google Android 2.3.2Google Android 4.0Google Android 4.1Google Android 4.0.4Google Android 4.0.3Google Android 2.3.4Google Android 2.3.6Google Android 3.2.1Google Android 3.2.4Google Android 4.0.2Google Android 4.2Google Android 2.3.7Google Android 3.1Google Android 3.2Google Android 3.0Google Android 2.3.3Google Android 2.3.5Google Android 3.2.2Google Android 3.2.6Google Android 4.0.1
NA
CVE-2013-4787
Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic signature,...
Google Android 2.3.3Google Android 2.3.4Google Android 4.0Google Android 4.1.2Google Android 4.0.4Google Android 4.0.3Google Android 4.0.2Google Android 4.2Google Android 4.0.1Google Android 2.3Google Android 2.2.2Google Android 1.6Google Android 2.1Google Android 3.1Google Android 2.3.2Google Android 3.2.2Google Android 3.2.1Google Android 2.2.1Google Android 2.3.5Google Android 2.2Google Android 2.3.6Google Android 3.0Google Android 2.3.7Google Android 4.1Google Android 3.2.4Google Android 3.2Google Android 2.2.3Google Android 2.3.1Google Android 2.0Google Android 2.0.1Google Android 3.2.6
NA
CVE-2012-6636
The Android API before 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote attackers to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded into the WebView component in...
Google Android ApiGoogle Android Api 15.0Google Android Api 14.0Google Android Api 13.0Google Android Api 8.0Google Android Api 7.0Google Android Api 6.0Google Android Api 5.0Google Android Api 12.0Google Android Api 10.0Google Android Api 3.0Google Android Api 1.0Google Android Api 11.0Google Android Api 9.0Google Android Api 4.0Google Android Api 2.0
9.8
CVSSv3
CVE-2014-7920
mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921....
Google Android 3.2.4Google Android 3.2.6Google Android 2.3.1Google Android 2.3.2Google Android 4.0.2Google Android 4.0.3Google Android 4.2Google Android 4.2.1Google Android 4.4.4Google Android 2.3.7Google Android 3.0Google Android 2.2Google Android 2.3.3Google Android 2.3.4Google Android 4.0.4Google Android 4.1Google Android 4.2.2Google Android 4.3Google Android 3.1Google Android 3.2Google Android 2.2.1Google Android 2.2.2Google Android 2.2.3Google Android 2.3.5Google Android 2.3.6Google Android 4.1.2Google Android 5.0Google Android 4.3.1Google Android 4.4Google Android 4.4.1Google Android 3.2.1Google Android 3.2.2Google Android 2.3Google Android 4.0Google Android 4.0.1Google Android 5.0.1Google Android 5.0.2Google Android 4.4.2Google Android 4.4.3
NA
CVE-2013-7373
Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications....
Google Android 1.0Google Android 1.1Google Android 1.5Google Android 1.6Google Android 2.3.4Google Android 2.3.5Google Android 2.3.6Google Android 2.3.7Google Android 4.1.2Google Android 4.2Google Android 4.2.1Google Android 4.2.2Google Android 2.0Google Android 2.1Google Android 2.3Google Android 2.3.2Google Android 3.1Google Android 3.2.1Google Android 4.0.1Google Android 4.0.3Google Android 4.1Google Android 4.3Google Android 2.2Google Android 2.2.1Google Android 2.2.2Google Android 2.2.3Google Android 3.2.2Google Android 3.2.4Google Android 3.2.6Google Android 4.0Google Android 2.0.1Google Android 2.3.1Google Android 2.3.3Google Android 3.0Google Android 3.2Google Android 4.0.2Google Android 4.0.4Google Android
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelessSQLCVE-2023-1454overflowCVE-2022-48425CVE-2023-25064CVE-2023-28107
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook