Security Holes In Google's Android SDK

Posted by Zonk on Tuesday March 4, 2008 @05:28PM from the patchy-the-leaky-robot dept.

Redon Buckeye writes "Google's Android software development kit is using several outdated and vulnerable open-source image processing libraries, some of which can be exploited to take complete control of mobile devices running the Android platform. From the article: 'Several vulnerabilities have been found in Android's core libraries for processing graphic content in some of the most used image formats (PNG, GIF, and BMP). While some of these vulnerabilities stem from the use of outdated and vulnerable open source image-processing libraries, other were introduced by native Android code that uses them or that implements new functionality.'"

2 of 77 comments (clear)

Min score:

Reason:

Sort:

Re:Re-using, Re-using, Not re-inventing the wheel, by AKAImBatman · 2008-03-04 18:12 · Score: 3, Informative

For this type of problem? You bet your horse it is. Buffer overflow problems are so 1970's. Can we please move on?

--
Javascript + Nintendo DSi = DSiCade
Already fixed by Zach978 · 2008-03-04 18:27 · Score: 5, Informative

This is already fixed in m5-rc15 which was released yesterday...

--

"I told you a million times not to exaggerate!"