Medium severity5.5NVD Advisory· Published May 9, 2016· Updated Jun 17, 2026
CVE-2016-2458
CVE-2016-2458
Description
The compose functionality in AOSP Mail in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly restrict attachments, which allows attackers to obtain sensitive information via a crafted application, related to ComposeActivity.java and ComposeActivityEmail.java, aka internal bug 27335139.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.