The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the paired smartphone. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-01-22T13:03:26

Updated: 2024-08-05T10:17:38.462Z

Reserved: 2018-08-31T00:00:00

Link: CVE-2018-16271

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-01-22T14:15:11.277

Modified: 2024-11-21T03:52:25.797

Link: CVE-2018-16271

cve-icon Redhat

No data.