QwikSec

Security Database

CVE

CWE

Training

CVE-2009-2999

Published: Oct 14, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=46e23fe762d2143d60589ab6d39c4b47c2c754d1

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

http://www.ocert.org/advisories/ocert-2009-014.html

x_refsource_MISC

android-smswappush-dos(53655)

vdb-entry

x_refsource_XF

20091005 [oCERT-2009-014] Android denial-of-service issues

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.