Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9135

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-9135
Last Modified 22 Dec 2014 10:35:03
Published 19 Dec 2014 10:59:14
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-9135

Summary

The PackageInstaller module in Huawei P7-L10 smartphones before V100R001C00B136 allows remote attackers to spoof the origin website and bypass the website whitelist protection mechanism via a crafted package.

Vulnerable Systems

Application

  • Huawei P7-l10 Firmware V100r001c00b135


References

XF - huawei-p7l10-cve20149135-security-bypass(99283)

CONFIRM - http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-397472.htm


Last Updated: 27 May 2016 11:07:20