Google » Android : Security Vulnerabilities, CVEs, Published In 2012 (Code Execution) CVSS score >= 4

CVE-2012-4221

Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local diagchar_ioctl call.
Max CVSS
6.8
EPSS Score
0.10%
Published
2012-11-30
Updated
2013-10-11

CVE-2012-4220

diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via an application that uses crafted arguments in a local diagchar_ioctl call.
Max CVSS
6.8
EPSS Score
0.10%
Published
2012-11-30
Updated
2013-10-10

CVE-2012-3979

Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function.
Max CVSS
6.8
EPSS Score
1.22%
Published
2012-08-29
Updated
2013-03-26

CVE-2011-3874

Stack-based buffer overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 allows user-assisted remote attackers to execute arbitrary code via an application that calls the FrameworkListener::dispatchCommand method with the wrong number of arguments, as demonstrated by zergRush to trigger a use-after-free error.
Max CVSS
9.3
EPSS Score
1.65%
Published
2012-01-27
Updated
2012-02-06
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close