dexdump in Android SDK prior to 2.3 does not properly perform structural verification, which allows user-assisted remote malicious users to cause a denial of service (dexdump crash) and possibly execute arbitrary code via a malformed APK or dex file that calls a method using more arguments than the number of register that have been declared for that method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android sdk 1.6 |
||
google android sdk 1.5 |
||
google android sdk |
||
google android sdk 2.1 |
||
google android sdk 1.1 |
||
google android sdk 2.0 |
||
google android sdk 2.0.1 |