Vulnerability Note VU#131263
avast! Mobile Security Android application denial-of-service vulnerability
avast! Mobile Security Android application version 2.0.3587, and possibly earlier versions, contains a denial-of-service vulnerability.
avast! Mobile Security (version 2.0.3587) crashes if an Intent is sent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with no arguments. Upon receiving the malformed intent the application will crash with the following message.
“Unfortunately, avast! Mobile Security has stopped.”
A malicious application installed on the phone may be able to disable the avast! Mobile Security software.
Apply an Update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Avast! Antivirus Software||Affected||22 Mar 2013||16 Apr 2013|
CVSS Metrics (Learn More)
Thanks to Kurt Traver for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2013-0122
- Date Public: 19 Apr 2013
- Date First Published: 19 Apr 2013
- Date Last Updated: 19 Apr 2013
- Document Revision: 13
If you have feedback, comments, or additional information about this vulnerability, please send us email.