CVE-2015-7889

MEDIUM

Android < 5.1.1 - Information Disclosure via Weak Email Composer Intent Permissions

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7889. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages an unprotected exported service in Samsung's EmailComposer app to exfiltrate email content via a crafted intent. The service allows unauthenticated access to email replies, enabling data leakage to an attacker-controlled email address.

Description

The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosandroid

https://www.exploit-db.com/exploits/38558

View Code ZIP pw:eip

This exploit leverages an unprotected exported service in Samsung's EmailComposer app to exfiltrate email content via a crafted intent. The service allows unauthenticated access to email replies, enabling data leakage to an attacker-controlled email address.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Samsung EmailComposer (S6 Edge)

No auth needed

Prerequisites: Valid message ID (guessable) · Victim's email account ID

MITRE ATT&CK

T1539 - Steal Web Session Cookie T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/77339

Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/134105/Samsung-SecEmailComposer-QUICK_REPLY_BACKGROUND-Permission-Weakness.html

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/38558/

Issue Tracking, Third Party Advisory x_refsource_confirm

https://bugs.chromium.org/p/project-zero/issues/detail?id=490&redir=1

Scores

CVSS v3 5.5

EPSS 0.0224

EPSS Percentile 80.5%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE

CWE-275

Status published

Products (1)

google/android < 5.1.1

Published Dec 28, 2017

Tracked Since Feb 18, 2026