AndroidManifest.xml in Android before 5.0.0 does not require the SEND_SMS permission for the SmsReceiver receiver, which allows attackers to send stored SMS messages, and consequently transmit arbitrary new draft SMS messages or trigger additional per-message charges from a network operator for old messages, via a crafted application that broadcasts an intent with the com.android.mms.transaction.MESSAGE_SENT action, aka Bug 17671795.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Android | * | 4.4.4 (including) | |
| Android | 1.0 (including) | 1.0 (including) | |
| Android | 1.1 (including) | 1.1 (including) | |
| Android | 1.5 (including) | 1.5 (including) | |
| Android | 1.6 (including) | 1.6 (including) | |
| Android | 2.0 (including) | 2.0 (including) | |
| Android | 2.0.1 (including) | 2.0.1 (including) | |
| Android | 2.1 (including) | 2.1 (including) | |
| Android | 2.2 (including) | 2.2 (including) | |
| Android | 2.2-rev1 (including) | 2.2-rev1 (including) | |
| Android | 2.2.1 (including) | 2.2.1 (including) | |
| Android | 2.2.2 (including) | 2.2.2 (including) | |
| Android | 2.2.3 (including) | 2.2.3 (including) | |
| Android | 2.3 (including) | 2.3 (including) | |
| Android | 2.3-rev1 (including) | 2.3-rev1 (including) | |
| Android | 2.3.1 (including) | 2.3.1 (including) | |
| Android | 2.3.2 (including) | 2.3.2 (including) | |
| Android | 2.3.3 (including) | 2.3.3 (including) | |
| Android | 2.3.4 (including) | 2.3.4 (including) | |
| Android | 2.3.5 (including) | 2.3.5 (including) | |
| Android | 2.3.6 (including) | 2.3.6 (including) | |
| Android | 2.3.7 (including) | 2.3.7 (including) | |
| Android | 3.0 (including) | 3.0 (including) | |
| Android | 3.1 (including) | 3.1 (including) | |
| Android | 3.2 (including) | 3.2 (including) | |
| Android | 3.2.1 (including) | 3.2.1 (including) | |
| Android | 3.2.2 (including) | 3.2.2 (including) | |
| Android | 3.2.4 (including) | 3.2.4 (including) | |
| Android | 3.2.6 (including) | 3.2.6 (including) | |
| Android | 4.0 (including) | 4.0 (including) | |
| Android | 4.0.1 (including) | 4.0.1 (including) | |
| Android | 4.0.2 (including) | 4.0.2 (including) | |
| Android | 4.0.3 (including) | 4.0.3 (including) | |
| Android | 4.0.4 (including) | 4.0.4 (including) | |
| Android | 4.1 (including) | 4.1 (including) | |
| Android | 4.1.2 (including) | 4.1.2 (including) | |
| Android | 4.2 (including) | 4.2 (including) | |
| Android | 4.2.1 (including) | 4.2.1 (including) | |
| Android | 4.2.2 (including) | 4.2.2 (including) | |
| Android | 4.3 (including) | 4.3 (including) | |
| Android | 4.3.1 (including) | 4.3.1 (including) | |
| Android | 4.4 (including) | 4.4 (including) | |
| Android | 4.4.1 (including) | 4.4.1 (including) | |
| Android | 4.4.2 (including) | 4.4.2 (including) | |
| Android | 4.4.3 (including) | 4.4.3 (including) |