CVE-2009-2656
First published: Mon Aug 03 2009(Updated: )
Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | =1.0 | |
| Google Android | =1.5 | |
| Google Android | =1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the impact of CVE-2009-2656?
CVE-2009-2656 can cause a denial of service through network disconnection by exploiting a vulnerability in the SMS handling process.
What versions of Android are affected by CVE-2009-2656?
CVE-2009-2656 affects Android versions 1.0, 1.1, and 1.5.
How can users defend against CVE-2009-2656?
To mitigate CVE-2009-2656, users should avoid receiving SMS messages from untrusted sources.
Who demonstrated CVE-2009-2656?
CVE-2009-2656 was demonstrated by researchers Collin Mulliner and Charlie Miller at Black Hat USA 2009.
Is there a patch available for CVE-2009-2656?
There are no specific patches available for CVE-2009-2656 since it affects outdated versions of Android.
- agent/type
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/google
- canonical/google android
- version/google android/1.0
- version/google android/1.5
- version/google android/1.1