CVE-2016-8467

MEDIUM Year: 2016
CVSS v3 Score
5.5
Medium
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-264
View all →

Vulnerability Description

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. Android ID: A-30308784.

Related Vulnerabilities

CVE-2014-2079

MEDIUM
CVSS:5.5(Medium)

X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba an...

CWE-2642014

CVE-2015-8621

MEDIUM
CVSS:5.5(Medium)

t-coffee before 11.00.8cbe486-2 allows local users to write to ~/.t_coffee globally.

CWE-2642015

CVE-2016-10187

MEDIUM
CVSS:5.5(Medium)

The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript.

CWE-2642016

CVE-2016-2202

MEDIUM
CVSS:5.5(Medium)

The Inventory Solution component in the Management Agent in the client in Symantec Altiris IT Management Suite (ITMS) through 7.6 HF7 allows local users to bypass intended application-blacklist restri...

CWE-2642016

CVE-2016-2457

MEDIUM
CVSS:5.5(Medium)

server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to bypass intended restrictions on Wi-Fi configuration changes ...

CWE-2642016

CVE-2016-2809

MEDIUM
CVSS:5.5(Medium)

The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.

CWE-2642016