Samsung Mobile vulnerabilities

CVE-2016-9965 [CRITICAL] CWE-388 CVE-2016-9965: Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119.

CVE-2016-9966 [CRITICAL] CWE-388 CVE-2016-9966: Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120.

CVE-2016-9967 [CRITICAL] CWE-388 CVE-2016-9967: Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121.

CVE-2016-9567 [MEDIUM] CWE-200 CVE-2016-9567: The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restric The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343.

CVE-2016-9277 [HIGH] CWE-190 CVE-2016-9277: Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to c Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906.

CVE-2016-7160 [HIGH] CWE-476 CVE-2016-7160: A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activiti A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248.