Vulnerabilities / Threats // Insider Threats
6/10/2010
06:23 PM
Cora Nucci
Cora Nucci
Slideshows
50%
50%

Image Gallery: 5 Early Android 2.2 Candidates

Google's Nexus One, the original Android 2.1 phone, will be the first to update to Android 2.2 and at least four HTC handsets are slated for the initial wave of Froyo updates expected in the second half of the year.
Previous
3 of 5
Next


This sought-after handset puts the emphasis on 720p video with two cameras and a 4.3-inch screen. Sprint sold out of the HTC EVO 4G smartphone on its website and there are very few devices left in the carrier's stores. Sprint's site says the new $200 phone is "so hot we can't keep it on our virtual shelves." While the phone is indeed a hot seller, first day sales weren't quite as hot as Sprint initially reported.

Android 2.2: Ready For Enterprise?
Google is touting its new mobile platform's business-friendly features, but licensing Microsoft's ActiveSync may not offer enough security to make Android ready to work in the enterprise.

Previous
3 of 5
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7912
Published: 2015-07-29
The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate the relationship between length fields and the amount of data, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory c...

CVE-2014-7913
Published: 2015-07-29
The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corru...

CVE-2015-2977
Published: 2015-07-29
Webservice-DIC yoyaku_v41 allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via unspecified vectors.

CVE-2015-2978
Published: 2015-07-29
Webservice-DIC yoyaku_v41 allows remote attackers to bypass authentication and complete a conference-room reservation via unspecified vectors, as demonstrated by an "unintentional reservation."

CVE-2015-2979
Published: 2015-07-29
Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!