Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read arbitrary attachments via a crafted application that provides a pathname value, aka internal bug 30745403.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android AOSP Mail 安全漏洞
Vulnerability Description
Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。AOSP Mail是其中的一个AOSP(Android开源项目)电子邮件组件。 Android中的AOSP Mail中的email/provider/AttachmentProvider.java文件存在安全漏洞,该漏洞源于程序没有确保值为整数。攻击者可借助提供路径名的应用程序利用该漏洞读取任意附件。以下版本受到影响:Android 4.4.4之前的4.x版本,5.0.2之前的5.0
CVSS Information
N/A
Vulnerability Type
N/A