First published: Wed May 02 2018(Updated: )
The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | >=4.1.1<=4.4.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.