Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-0680

EPSS 0.88% · P75
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-0680

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows remote attackers to read SMS messages intended for other recipients in opportunistic circumstances via a standard text messaging service.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Open Handset Alliance Android Mms应用程序'data/WorkingMessage.java'设计错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Android 是Google通过Open Handset Alliance发起的项目,用于为移动设备提供完整的软件集,包括操作系统、中间件等。 Android 2.2.2之前版本以及2.3.2之前的2.3.x版本中的Mms应用程序中的data/WorkingMessage.java没有正确管理draft内存。远程攻击者可以借助标准文本消息服务,在随机情况下读取为其他接收者所设定的SMS消息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2011-0680

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2011-0680

登录查看更多情报信息。

Same Patch Batch · n/a · 2011-01-31 · 22 CVEs total

CVE-2011-0687Opera WAP文档输入验证漏洞
CVE-2011-0450Opera下载管理器任意代码执行漏洞
CVE-2011-0096Microsoft Windows MHTML协议处理器跨站脚本攻击漏洞
CVE-2010-4717Novell GroupWise GWIA IMAP服务器组件任意代码执行漏洞
CVE-2010-4716Novell GroupWise WebPublisher组件跨站脚本攻击漏洞
CVE-2010-4715Novell GroupWise WebAccess Agent和Document Viewer Agent组件多个目录遍历漏洞
CVE-2010-4714Novell GroupWise多个栈缓冲区溢出漏洞
CVE-2010-4713Novell GroupWise GWIA gwia.exe任意代码执行漏洞
CVE-2010-4712Novell GroupWise GWIA gwia.exe 多个栈缓冲区溢出漏洞
CVE-2010-4711Novell GroupWise GWIA IMAP服务器组件双重释放漏洞
CVE-2011-0688Symantec Intel Alert Management System授权问题漏洞
CVE-2010-0110Symantec多个产品Intel Alert Management System多个栈缓冲区溢出漏洞
CVE-2011-0686Opera远程拒绝服务漏洞
CVE-2011-0685Opera Delete Private Data功能输入验证漏洞
CVE-2011-0684Opera输入验证漏洞
CVE-2011-0683Opera点击劫持攻击漏洞
CVE-2011-0682Opera opera.dll整数截断错误漏洞
CVE-2011-0681Opera XML实现CSS扩展CSS过滤安全绕过漏洞
CVE-2011-0413ISC DHCP DNCPv6服务器输入验证错误漏洞
CVE-2010-4393RealNetworks RealPlayer AVI文件解析堆缓冲区溢出漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2011-0680

No comments yet

Leave a comment