CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2656

Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.2%

CVSS Severity

CVSS v2 Score 5.0

References

http://osvdb.org/56750
http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf
http://www.securityfocus.com/bid/35886
http://osvdb.org/56750
http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf
http://www.securityfocus.com/bid/35886

Products affected by CVE-2009-2656

Google » Android » Version: 1.0

cpe:2.3:o:google:android:1.0
Google » Android » Version: 1.1

cpe:2.3:o:google:android:1.1
Google » Android » Version: 1.5

cpe:2.3:o:google:android:1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2656

Products

Pricing

Contact Us