Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Google Android Operating System < 4.3.0 Multiple Vulnerabilities



The remote mobile device is affected by multiple vulnerabilities.


Versions of the Google Android operating system earlier than 4.3.0 are outdated and thus unpatched for the following vulnerabilities:

- A flaw in the tethering function is triggered when responding to recursive DNS queries that are received and referred to as an open resolver. This may allow a remote attacker to conduct DNS amplification attacks, allowing them to leverage the device to perform DDoS attacks against other targets. - A flaw in 'BackupManagerService' does not properly sanitize user input, specifically path traversal style attacks (e.g. '../') when extracting TAR files. With a specially crafted application, a local attacker can overwrite arbitrary files. (CVE-2014-7951)


Upgrade to Google Android version 4.3.0 or later.