Computer Security
[EN] securityvulns.ru no-pyccku


Android camera and audio control bypass
Published:18.07.2009
Source:
SecurityVulns ID:10081
Type:local
Threat Level:
5/10
Description:Access control is only checked on application request.
Affected:ANDROID : Android 1.5
CVE:CVE-2009-2348 (Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone.)
Original documentdocumentAndrea Barisani, [oCERT-2009-011] Android improper camera and audio permission verification (18.07.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod