Posts Tagged ‘Android vulnerabilities’

Samsung Galaxy S6 EdgeInformation security experts have found 11 flaws in the Samsung Galaxy S6 Edge

Information security experts from Google Project Zero found the eleven dangerous vulnerabilities in Galaxy S6 Edge from Samsung, and was immediately reported to the manufacturer.

Samsung released the update which fixes eight holes in October this year. Three the least dangerous vulnerabilities will be eliminated this month. (more…)

Android SecurityNew Android Critical Vulnerabilities

1. CVE-2015-1538 Exploit for Android is Now Available for Testing Purposes

This exploit has several caveats. First, it is not a generic exploit. Zimperium Team only tested it to work on a single device model. Zimperium Team tested this exploit on a Nexus running Android 4.0.4. Also, due to variances in heap layout, this is not a 100% reliable exploit by itself.

Zimperium Team were able achieve 100% reliability when delivered through an attack vector that allowed multiple attempts. Finally, this vulnerability was one of several that was neutered by GCC 5.0’s ‘new[]’ integer overflow mitigation present on Android 5.0 and later. (more…)

New security vulnerabilities 2015Several new security vulnerabilities of varying severity has been found by security researchers

Several new security vulnerabilities of varying severity has been found by security researchers:

  • System compromise in Android (high severity vulnerability)
  • Bypassing security restrictions on Apache Tomcat (middle severity vulnerability)
  • Multiple vulnerabilities in CMS Drupal (low severity vulnerability)
  • Compromising the system in Apple QuickTime for Windows (high severity vulnerability) (more…)

Android HackedAbout 40 applications for the platform Android, which have been downloaded to 185 million times, contain vulnerabilities that allow access to sensitive user data, such as bank account, according to the publication Ars Technica, with reference to the report of German researchers.

“We could gather bank account information, payment credentials for PayPal, American Express and others,” – gives the publication the words of researchers from the Leibniz University of Hanover and the Philipps University of Marburg.

Vulnerability, allow access to the account via Facebook, email, cloud storage used by the owner Android-smartphone.

According to experts, can be exploited to capture data during the exchange of information using cryptographic protocols SSL and TLS between a smartphone based on Android OS Ice Cream Sandwich and the bank’s server, or online services. A number of security vulnerabilities are known and described in the Internet, the researchers note. (more…)