Path Traversal in Samsung Galaxy_s4

CVE-2015-4641

Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices allows remote web servers to write to arbitrary files, and consequently execute arbitrary code in a pri…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.007 (71.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-22 — Path Traversal

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (Exploit, x_refsource_MISC)
75353 (vdb-entry, x_refsource_BID)
cve@mitre.org (Exploit, x_refsource_MISC)
VU#155412 (x_refsource_CERT-VN, US Government Resource, Third Party Advisory, third-party-advisory)