Lucene search

[email protected]CVE-2009-2999

HistoryOct 14, 2009 - 10:30 a.m.

CVE-2009-2999

2009-10-1410:30:01

[email protected]

web.nvd.nist.gov

android

denial of service

cve-2009-2999

nvd

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.9%

JSON

The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656.

Affected configurations

NVD

Node

googleandroidMatch1.5

CPENameOperatorVersion
google:androidgoogle androideq1.5

CPE	Name	Operator	Version
google:android	google android	eq	1.5

References

android.git.kernel.org/?p=platform/frameworks/base.git%3Ba=commit%3Bh=46e23fe762d2143d60589ab6d39c4b47c2c754d1

securitytracker.com/id?1022986

www.ocert.org/advisories/ocert-2009-014.html

www.securityfocus.com/archive/1/506948/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/53655

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.9%

JSON

Related for CVE-2009-2999

nvd3 cvelist3 prion3 securityvulns2 cve2