CVE 썸네일형 리스트형 [CVE-2012-2674] Multiple integer overflows for Android Original release date:07/25/2012Last revised:07/26/2012Source: US-CERT/NIST OverviewMultiple integer overflows in the (1) chk_malloc, (2) leak_malloc, and (3) leak_memalign functions in libc/bionic/malloc_debug_leak.c in Bionic (libc) for Android, when libc.debug.malloc is set, make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large s.. 더보기 [CVE-2012-2646] The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android Original release date:07/25/2012Last revised:07/25/2012Source: US-CERT/NIST OverviewThe Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. The Sleipnir Mobile application 2.1.0 이전 버전과 Sleipnir Mobile Bla.. 더보기 [CVE-2012-2808] Weak randomness Android DNS resolver Android DNS poisoning: Randomness gone bad (CVE-2012-2808) Jul 24 2012 12:35PMRoee Hay (roeeh il ibm com) 1 Introduction===========Recently we discovered a very interesting vulnerability in Android's DNS resolver, a weakness in its pseudo-random number generator (PRNG), which makes DNS poisoning attacks feasible. 최근 Android의 DNS resolver 에서 매우 흥미있는 취약점을 발견했다.의사난수생성기(PRNG)의 약점이 DNS poisoning 공격을 .. 더보기 이전 1 다음