Confirmed users
971
edits
Security/Reviews/Gaia/Dialer: Difference between revisions
Security/Reviews/Gaia/Dialer (view source)
Revision as of 18:40, 27 February 2013
, 27 February 2013→8. Input Validation Problems
| Line 232: | Line 232: | ||
* {{bug|845361}} Dialer does not correctly validate input to the dial activity handler | * {{bug|845361}} Dialer does not correctly validate input to the dial activity handler | ||
* {{bug|845383}} Dialer accepts super long phone number which breaks the phone until reboot | * {{bug|845383}} Dialer accepts super long phone number which breaks the phone until reboot | ||
* {{bug|845045}} Dialer can be tricked into displaying one number but dialing another | |||
Note that all these issues are about phone numbers accepted through the dial activity. In general there is not enough / not strong enough checking of incoming data through activities. | |||
=== Security Risks & Mitigating Controls === | === Security Risks & Mitigating Controls === | ||