Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The QQ application 8.7.1 for Android and iOS does not enforce the permission requirements (e.g., android.permission.ACCESS_FINE_LOCATION) for determining the device's physical location. An attacker can use qq.createMapContext to create a MapContext object, use MapContext.moveToLocation to move the center of the map to the device's location, and use MapContext.getCenterLocation to get the latitude and longitude of the current map center.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tencent QQ 安全漏洞
Vulnerability Description
Tencent QQ是中国腾讯(Tencent)公司的一款的多平台即时通信软件。支持文字、语音和视频聊天,以及文件共享、网络硬盘、邮箱、游戏、论坛、网购、租房与找工作等服务。 Tencent QQ 8.7.1版本存在安全漏洞,该漏洞源于其没有强制权限要求(例如Android .permission. access_fine_location)来确定设备的物理位置。攻击者可以使用qq.createMapContext对象,使用MapContext.moveToLocation将地图的中心移动到设备的位置,并
CVSS Information
N/A
Vulnerability Type
N/A