Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2656

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-2656
Last Modified 29 Feb 2012 12:00:00
Published 03 Aug 2009 02:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-2656

Summary

Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.

Vulnerable Systems

Operating System

  • Google Android 1.5

Application

  • Android 1.0

  • Android 1.1

  • Android 1.5

  • Google Android 1.0

  • Google Android 1.1


References

BID - 35886

MISC - http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf

OSVDB - 56750


Last Updated: 27 May 2016 10:58:19