Security vulnerabilities were detected on the device. Sony - TopicsExpress



          

Security vulnerabilities were detected on the device.

Sony C2305 (Sony)
Android 4.2.2 Build 16.0.B.2.16
English/India (en_IN)
Security Advisor v1.0.23
Last scan: 05-Oct-2014 12:47:55 AM
Vulnerable software: 1
Total Vulnerabilities: 5

Vulnerable Software
Android OS / version 4.2.2
Vulnerabilities: 5
Severity: 4 High, 1 Moderate

Severity: 9.3, CVE-2013-4787, Master Key
Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic signature, probably involving multiple entries in a Zip file with the same name in which one entry is validated but the other entry is installed, aka Android security bug 8219321 and the Master Key vulnerability.

Severity: 8.8, CVE-2013-6271, Remove Device Locks
Android 4.0 through 4.3 allows attackers to bypass intended access restrictions and remove device locks via a crafted application that invokes the updateUnlockMethodAndFinish method in the com.android.settings.ChooseLockGeneric class with the PASSWORD_QUALITY_UNSPECIFIED option.

Severity: 7.5, CVE-2013-7373
Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging use of the PRNG within multiple applications.

Severity: 7.5, CVE-2014-1939
java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels.

Severity: 5.0, CVE-2013-7372
The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in Android before 4.4 and other products, when no seed is provided by the user, uses an incorrect offset value, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the resulting PRNG predictability, as exploited in the wild against Bitcoin wallet applications in August 2013.

Posted on: Sun, 05 Oct 2014 02:07:05 +0000
