CVE-2015-9547: Infoleak
First published: Fri Apr 10 2020(Updated: )
An issue was discovered on Samsung mobile devices with JBP(4.3) and KK(4.4.2) software. Because the READ_LOGS permission is mishandled, sensitive information is disclosed in a world-readable copy of the log file if the error message is "Unhandled exception in Dalvik VM," "Application not responding ANR event," or "Crash on an application's native code." The Samsung ID is SVE-2015-2885 (October 2015).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | =4.3 | |
| Android | =4.4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-9547?
CVE-2015-9547 has a medium severity rating due to the potential disclosure of sensitive information.
How do I fix CVE-2015-9547?
To fix CVE-2015-9547, update the affected Samsung devices to a version that does not mishandle the READ_LOGS permission.
Which devices are affected by CVE-2015-9547?
CVE-2015-9547 affects Samsung mobile devices running Android versions 4.3 (JBP) and 4.4.2 (KK).
What information can be leaked due to CVE-2015-9547?
CVE-2015-9547 can lead to the disclosure of sensitive information contained in a world-readable log file.
What is the impact of CVE-2015-9547 on user privacy?
The impact of CVE-2015-9547 on user privacy is significant as it allows unauthorized access to sensitive data in log files.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/android
- version/android/4.3
- version/android/4.4.2