INTRODUCTION
==================================
In Android <5.0 (and maybe >= 4.0), Settings application leaks Pendingintent with a blank base intent (neither the
component nor the action is explicitly set) to third party application, bad app can use this to broadcast intent with
the same permissions and identity of the Settings application, which runs as SYSTEM uid. Thus bad app can broadcast
sensitive intent with the permission of…
INTRODUCTION
==================================
In Android <5.0, a SQL injection vulnerability exists in the opt module WAPPushManager, attacker can remotely send
malformed WAPPush message to launch any activity or service in the victim’s phone (need permission check)
DETAILS
==================================
When a WAPPush message is received, the raw pdu is processed by dispatchWapPdu method in…
INTRODUCTION
==================================
In Android <5.0, an unprivileged app can resend all the SMS stored in the user’s phone to their corresponding
recipients or senders (without user interaction).
No matter whether these SMS are sent to or received from other people. This may leads to undesired cost to user.
Even the worse, since Android also allow unprivileged app to create draft SMS, combined with this trick, bad app can…
When PHP’s register_globals configuration directive set on, phpBB will call
deregister_globals() function, all global variables registered by PHP will
be destroyed. But deregister_globals() functions can be bypassed.
When PHP’s register_globals configuration set on, MyBB will call
unset_globals() function, all global variables registered by PHP from
$_POST, $_GET, $_FILES, and $_COOKIE arrays will be destroyed.
after opting in to Microsoft Update additional (optional) software
like Silverlight or Microsoft Security Essentials is offered when
a user performs a “custom search” for updates.
Initially the current versions of this additional software are
offered as “optional updates” for download and installation.
For Silverlight cf. <https://support.microsoft.com/kb/2977218>