PT-2016-5751 · Google · Android

Publicado

2016-10-10

·

Atualizado

2016-11-28

·

CVE-2016-3923

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions Android versions prior to 7.0 2016-10-01
Description The issue concerns the Accessibility services in Android, which mishandle motion events. This mishandling allows attackers to conduct touchjacking attacks, potentially gaining privileges via a crafted application.
Recommendations For Android versions prior to 7.0 2016-10-01, update to a version released after 2016-10-01 to resolve the issue.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

CVE-2016-3923

Produtos afetados

Android