Vulnerability Summary
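Vulnerability title: Tencent WeiBo Dos vulnerability (Again)
Vendor: Tencent
Submitted: 2014-01-16 18:44
Fix time: 2014-04-16 18:44
Disclosure time: 2014-04-16 18:44
Vulnerability type: Denial of service
Severity: Medium
Self-assessed Rank: 16
Vulnerability status: Confirmed by the vendor
Tags:
None
Vulnerability Details
Disclosure status: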
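2014-01-16: Details reported to the vendor; awaiting vendor handling
2014-01-17: Vendor confirmed; details disclosed to the vendor only
2014-01-20: Details opened to third-party security partners
2014-03-13: Details disclosed to core white hats and experts in related fields
2014-03-23: Details disclosed to regular white hats
2014-04-02: Details disclosed to trainee white hats
2014-04-16: Details disclosed to the public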
Brief description: Tencent WeiBo (WBlog), latest version (2014-1-15): critical DoS vulnerability again.
Detailed description: Tencent WeiBo (WBlog), latest version (2014-1-15): critical DoS vulnerability again. The same vulnerability was found in the same place. So why? Where is the security testing? The problem is due to the exported Activity named "com.tencent.WBlog.intentproxy.TencentWeiboIntent". Here is the crash log.
I/ActivityManager( 77): START {flg=0x10000000 cmp=com.tencent.WBlog/.intentproxy.TencentWeiboIntent (has extras)} from pid 638
W/WindowManager( 77): Failure taking screenshot for (180x300) to layer 21025
D/dalvikvm( 953): GC_FOR_ALLOC freed 1080K, 12% free 19775K/22407K, paused 103ms
I/dalvikvm-heap( 953): Grow heap (frag case) to 20.860MB for 1536016-byte allocation
D/dalvikvm( 953): GC_FOR_ALLOC freed 23K, 12% free 21252K/23943K, paused 90ms
D/AndroidRuntime( 953): Shutting down VM
W/dalvikvm( 953): threadid=1: thread exiting with uncaught exception (group=0x409961f8)
E/AndroidRuntime( 953): FATAL EXCEPTION: main
E/AndroidRuntime( 953): java.lang.RuntimeException: Unable to start activity ComponentInfo {com.tencent.WBlog/com.tencent.WBlog.intentproxy.TencentWeiboIntent}: java.lang.NullPointerException
E/AndroidRuntime( 953): at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:1955)
E/AndroidRuntime( 953): at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:1980)
E/AndroidRuntime( 953): at android.app.ActivityThread.access$600(ActivityThread.java:122)
E/AndroidRuntime( 953): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1146)
E/AndroidRuntime( 953): at android.os.Handler.dispatchMessage(Handler.java:99)
E/AndroidRuntime( 953): at android.os.Looper.loop(Looper.java:137)
E/AndroidRuntime( 953): at android.app.ActivityThread.main(ActivityThread.java:4340)
E/AndroidRuntime( 953): at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime( 953): at java.lang.reflect.Method.invoke(Method.java:511)
E/AndroidRuntime( 953): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:784)
E/AndroidRuntime( 953): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:551)
E/AndroidRuntime( 953): at dalvik.system.NativeStart.main(Native Method)
E/AndroidRuntime( 953): Caused by: java.lang.NullPointerException
E/AndroidRuntime( 953): at com.tencent.WBlog.intentproxy.TencentWeiboIntent.onCreate(ProGuard:60)
E/AndroidRuntime( 953): at android.app.Activity.performCreate(Activity.java:4465)
E/AndroidRuntime( 953): at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1049)
E/AndroidRuntime( 953): at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:1919)
E/AndroidRuntime( 953): ... 11 more
W/ActivityManager( 77): Force finishing activity com.tencent.WBlog/.intentproxy.TencentWeiboIntent
W/ActivityManager( 77): Force finishing activity com.tencent.WBlog/.activity.MicroblogTab
I/WindowManager( 77): createSurface Window{41a65740 paused=false}: DRAW NOW PENDING
W/ActivityManager( 77): Activity pause timeout for ActivityRecord{414c7698 com.tencent.WBlog/.intentproxy.TencentWeiboIntent}
W/NetworkManagementSocketTagger( 77): setKernelCountSet(10005, 1) failed with errno -2
I/WindowManager( 77): createSurface Window{41385410 com.android.launcher/com.android.launcher2.Launcher paused=false}: DRAW NOW PENDING
W/NetworkManagementSocketTagger( 77): setKernelCountSet(10037, 0) failed with errno -2
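The trace above ends in a NullPointerException inside onCreate of an exported Activity that was started by another process. The following is an added example, not code from the report or from Tencent, of an onCreate that treats the incoming Intent as untrusted input and exits cleanly instead of crashing. The report does not say which value was null at ProGuard:60; the class name, the extra key "target" and the allow-list are assumptions made for illustration.

```java
// Added example, not Tencent's code. Class name, extra key and allow-list are hypothetical.
import android.app.Activity;
import android.content.Intent;
import android.os.Bundle;
import android.util.Log;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

// If other apps never need to start this Activity, also declare it with
// android:exported="false" in AndroidManifest.xml so only the app itself can reach it.
public class IntentProxyActivity extends Activity {
    private static final String TAG = "IntentProxy";
    private static final String EXTRA_TARGET = "target";           // assumed extra name
    private static final Set<String> ALLOWED_TARGETS =
            new HashSet<>(Arrays.asList("timeline", "compose"));   // assumed values

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        String target = readTarget(getIntent());
        if (target == null) {
            // Missing, malformed or unexpected input: refuse it without throwing,
            // so a foreign Intent cannot take the process down.
            Log.w(TAG, "Rejected intent with missing or invalid extras");
            finish();
            return;
        }
        Log.i(TAG, "Accepted target " + target);
        // Hand the validated value to the app's internal routing from here on.
    }

    // Returns the validated extra, or null when the Intent cannot be trusted.
    private static String readTarget(Intent intent) {
        if (intent == null) {
            return null;
        }
        try {
            Bundle extras = intent.getExtras();   // null when no extras were attached
            if (extras == null) {
                return null;
            }
            String target = extras.getString(EXTRA_TARGET);
            return (target != null && ALLOWED_TARGETS.contains(target)) ? target : null;
        } catch (RuntimeException e) {
            // Unparcelling caller-supplied extras can itself throw.
            Log.w(TAG, "Could not read intent extras", e);
            return null;
        }
    }
}
```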
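Proof of vulnerability:
Fix:
Vulnerability Response
Vendor response:
Severity: Medium
Vulnerability Rank: 10
Confirmation time: 2014-01-17 10:18
Vendor reply: Thank you very much for your report. We have started working on the issue, and we thank everyone for their attention to the security of Tencent's services. If you have any questions, please send us feedback and a dedicated person will follow up.
Latest status: None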