Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The checkDestination function in internal/telephony/SMSDispatcher.java in Android before 5.1.1 LMY48M relies on an obsolete permission name for an authorization check, which allows attackers to bypass an intended user-confirmation requirement for SMS short-code messaging via a crafted application, aka internal bug 22314646.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android 权限许可和访问控制漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。 Android 5.1及之前版本的internal/telephony/SMSDispatcher.java文件中的‘checkDestination’函数中存在安全漏洞,该漏洞源于程序依赖过期的权限名称执行身份验证检查。攻击者可借助特制的应用程序利用该漏洞绕过SMS short-code消息的user
CVSS Information
N/A
Vulnerability Type
N/A