QwikSec

Security Database

CVE

CWE

Training

CVE-2011-0680

Published: Jan 31, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.theinquirer.net/inquirer/news/1939386/google-updates-nexus-android-222

x_refsource_MISC

http://www.engadget.com/2011/01/22/nexus-one-gets-tiny-update-to-android-2-2-2-probably-fixes-sms/

x_refsource_MISC

http://android.git.kernel.org/?p=platform/packages/apps/Mms.git%3Ba=commit%3Bh=4d26623ce82230e8e7009adb921c5edea370a9e0

x_refsource_MISC

http://www.htcphones.net/nexus-one-update-to-android-2-2-2/

x_refsource_MISC

http://twitter.com/GalaxySsupport/statuses/28078194607263744

x_refsource_MISC

vdb-entry

x_refsource_BID

android-workingmessage-info-disclosure(65125)

vdb-entry

x_refsource_XF

http://phandroid.com/2011/01/21/android-2-3-2-update-pushing-to-nexus-s-phone-fixes-sms-bug/

x_refsource_MISC

http://android.git.kernel.org/?p=platform/packages/apps/Mms.git%3Ba=commit%3Bh=18d6b7e9d2e538fb3c0264332b96c02abf367267

x_refsource_CONFIRM

http://www.samsunghub.com/2011/01/22/nexus-s-gets-android-2-3-2-fixes-sms-bug/

x_refsource_MISC

http://code.google.com/p/android/issues/detail?id=9392#c1460

x_refsource_CONFIRM

http://code.google.com/p/android/issues/detail?id=9392#c1620

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.