Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitive information via a crafted application, aka internal bug 25778215.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Telephony 安全漏洞
Vulnerability Description
Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。Telephony是其中的一个提供电话功能的组件。 Android 5.1.1 LMY49H之前5.x版本和2016-03-01之前6.x版本的Telephony中的internal/telephony/PhoneSubInfoController.java文件中的‘getDeviceIdForPhone’函数存在安全漏洞,该漏洞源于程序没有检查READ_PHONE_STATE权限。
CVSS Information
N/A
Vulnerability Type
N/A