PT-2017-7291 · Samsung · Samsung S6 Edge
Published
2017-12-27
·
Updated
2018-01-17
·
CVE-2015-7889
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Samsung S6 Edge versions prior to October 2015 MR
Description
The issue concerns weak permissions in the SecEmailComposer/EmailComposer application. This weakness might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent to the
com.samsung.android.email.intent.action.QUICK REPLY BACKGROUND service action.Recommendations
For Samsung S6 Edge versions prior to October 2015 MR, update to a version released after the October 2015 MR to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Samsung S6 Edge