Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,732,428 Members 47,337 Now Online
XDA Developers Android and Mobile Development Forum

[Q] Is a fix available?

Tip us?
 
winlinand
Old
#1  
winlinand's Avatar
Junior Member - OP
Thanks Meter 0
Posts: 13
Join Date: Nov 2013
Question [Q] Is a fix available?

Security vulnerabilities were detected on this device.

Verizon Sm-n900v (Samsung)
Android 4.3 Build JSS15J.N900VVRUBMJE
English/United States (en_US)

Security Advisor v1.0.21
Last scan: Mar 15, 2014 10:15:23 PM
Vulnerable software: 1
Total Vulnerabilities: 1

Vulnerable Software

Android OS / version 4.3 / com.google.android
Vulnerabilities: 1
Severity: 1 High

1) Severity 8.8, CVE-2013-6271

Android 4.0 through 4.3 allows attackers to bypass intended access restrictions and remove device locks via a crafted application that invokes the updateUnlockMethodAndFinish method in the com.android.settings.ChooseLockGeneric class with the PASSWORD_QUALITY_UNSPECIFIED option.
 
Hulk0069
Old
#2  
Hulk0069's Avatar
Senior Member
Thanks Meter 157
Posts: 934
Join Date: Oct 2010
What did you use to find this out?

Sent from my SM-N900V using xda premium
 
winlinand
Old
#3  
winlinand's Avatar
Junior Member - OP
Thanks Meter 0
Posts: 13
Join Date: Nov 2013
Quote:
Originally Posted by Hulk0069 View Post
What did you use to find this out?

Sent from my SM-N900V using xda premium


Sent from my SM-N900V using Tapatalk
Attached Thumbnails
Click image for larger version

Name:	uploadfromtaptalk1394964747779.jpg
Views:	84
Size:	49.6 KB
ID:	2633370  
 
johnciaccio
Old
#4  
Senior Member
Thanks Meter 16
Posts: 129
Join Date: Aug 2010
As it states all devices with Android 4.0 through 4.3 are effected. The update would be Android 4.4 Kitkat.

If I read it right it is stating that a program could be written that changes your lock screen. This could allow someone via a program that you install change it from one where you may have a pin or some other secure input to just swiping or disabling the lock screen all together.

I would not worry to much as long as you install apps only from the play store and actually read what it has access to.
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes