Madhu Priya Murugan

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2016-09-01 patchday **Description** The issue is related to a lack of uid checks in the Notification Manager Service, specifically in the server/notification/NotificationManagerService.java file. This allows attackers to bypass intended restrictions on method calls via a crafted application. **Recommendations** For Android versions prior to 2016-09-01 patchday, update to a version that includes the September 2016 security patch to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.x through 4.4.3 Android versions 5.0.x through 5.0.1 Android versions 5.1.x through 5.1.0 Android versions 6.x before 2016-09-01 **Description** The issue allows attackers to obtain sensitive EmailAccountCacheProvider information via a crafted application. **Recommendations** For Android versions 4.x through 4.4.3, update to version 4.4.4 or later. For Android versions 5.0.x through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.0, update to version 5.1.1 or later. For Android versions 6.x before 2016-09-01, update to a version released on or after 2016-09-01.