CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-3875

server/wm/WindowManagerService.java in Android 6.x before 2016-09-01 does not enforce the DISALLOW_SAFE_BOOT setting, which allows physically proximate attackers to bypass intended access restrictions and boot to safe mode via unspecified vectors, aka internal bug 26251884.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.8%

CVSS Severity

CVSS v3 Score 6.8

CVSS v2 Score 7.2

References

http://source.android.com/security/bulletin/2016-09-01.html
http://www.securityfocus.com/bid/92818
http://www.securitytracker.com/id/1036763
https://android.googlesource.com/platform/frameworks/base/+/69729fa8b13cadbf3173fe1f389fe4f3b7bd0f9c
http://source.android.com/security/bulletin/2016-09-01.html
http://www.securityfocus.com/bid/92818
http://www.securitytracker.com/id/1036763
https://android.googlesource.com/platform/frameworks/base/+/69729fa8b13cadbf3173fe1f389fe4f3b7bd0f9c

Products affected by CVE-2016-3875

Google » Android » Version: 6.0

cpe:2.3:o:google:android:6.0
Google » Android » Version: 6.0.1

cpe:2.3:o:google:android:6.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3875

Products

Pricing

Contact Us