CVE-2014-8507
high
CVSS v3: —
CVSS v2: 7.5
VIR risk: 7.5
Description
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android before 5.0.0 allow remote attackers to execute arbitrary SQL commands, and consequently launch an activity or service, via the (1) wapAppId or (2) contentType field of a PDU for a malformed WAPPush message, aka Bug 17969135.
Predictions
Exploit likelihood: 20%
Patch ETA: —
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://android.googlesource.com/platform/frameworks/base/+/48ed835468c6235905459e6ef7df032baf3e4df6
Exploits
Exploit-DB
- EDB-35382 · dos · android
References
- http://packetstormsecurity.com/files/129283/Android-WAPPushManager-SQL-Injection.html
- http://seclists.org/fulldisclosure/2014/Nov/86
- http://www.securityfocus.com/bid/71310
- http://xteam.baidu.com/?p=167
- https://android.googlesource.com/platform/frameworks/base/+/48ed835468c6235905459e6ef7df032baf3e4df6
CWEs
CWE-89