On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542.
References
Link | Resource |
---|---|
http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 | Vendor Advisory |
http://www.securityfocus.com/bid/94088 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2016-10-31T10:00:00
Updated: 2016-11-25T19:57:01
Reserved: 2016-09-09T00:00:00
Link: CVE-2016-7991
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-10-31T10:59:08.147
Modified: 2016-12-02T23:37:50.417
Link: CVE-2016-7991
JSON object: View
Redhat Information
No data.
CWE