The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Status | Att | - (including) | - (including) |
| Chacha | Htc | - (including) | - (including) |
| Desire | Htc | - (including) | - (including) |
| Merge | Htc | - (including) | - (including) |
| Galaxy_s | Samsung | - (including) | - (including) |
| Evo_shift_4g | Sprint | - (including) | - (including) |
| G2 | T-mobile | - (including) | - (including) |
| Mytouch_3g_slide | T-mobile | - (including) | - (including) |
| Mytouch_4g_slide | T-mobile | - (including) | - (including) |