PT-2014-8842 · Huawei · Huawei P7-L10

Published

2014-12-19

Updated

2017-09-08

CVE-2014-9135

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Huawei P7-L10 smartphones versions prior to V100R001C00B136

Description The issue concerns the PackageInstaller module, which can be exploited by remote attackers to spoof the origin website. This allows bypassing the website whitelist protection mechanism through a crafted package.

Recommendations For versions prior to V100R001C00B136, update to V100R001C00B136 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-9135

Affected Products

Huawei P7-L10

PT-2014-8842 · Huawei · Huawei P7-L10

CVE-2014-9135

Weakness Enumeration

Related Identifiers

Affected Products

References · 3