09 Oct 2016
CVE-2016-3918 Vulnerability
email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read arbitrary attachments via a crafted application that provides a pathname value, aka internal bug 30745403. (CVSS:4.3) (Last Update:2016-10-11)
Vulnerability Details : email/provider/AttachmentProvider.java in AOSP Mail in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not ensure that certain values are integers, which allows attackers to read arbitrary attachments via a crafted application that provides a pathname value, aka internal bug 30745403. Publish Date : 2016-10-10 Last Update Date : 2016-10-11 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-3918- Number Of Affected Versions By Product
- References For CVE-2016-3918
| ||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-3918There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |