QwikSec

Security Database

CVE

CWE

Training

CVE-2015-3843

Published: Oct 1, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The SIM Toolkit (STK) framework in Android before 5.1.1 LMY48I allows attackers to (1) intercept or (2) emulate unspecified Telephony STK SIM commands via an application that sends a crafted Intent, related to com/android/internal/telephony/cat/AppInterface.java, aka internal bug 21697171.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://android.googlesource.com/platform/frameworks/opt/telephony/+/b48581401259439dc5ef6dcf8b0f303e4cbefbe9

x_refsource_CONFIRM

https://android.googlesource.com/platform/frameworks/base/+/a5e904e7eb3aaec532de83ca52e24af18e0496b4

x_refsource_CONFIRM

https://android.googlesource.com/platform/packages/apps/Stk/+/1d8e00160c07ae308e5b460214eb2a425b93ccf7

x_refsource_CONFIRM

[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)

mailing-list

x_refsource_MLIST

https://android.googlesource.com/platform/packages/services/Telephony/+/fcb1d13c320dd1a6350bc7af3166929b4d54a456

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.