Google Android CHANGE_NETWORK_STATE Permission Routing Table Manipulation Weakness
Mobile Phone / Hand-held Device
Loss of Integrity
Google Android contains a flaw due to the CHANGE_NETWORK_STATE permission that may allow an application to manipulate objects and data in the routing tables. With a specially crafted application that would be considered harmless by many, a remote attacker can more easily compromise a users system.
It has been reported that this issue has been fixed. Upgrade to Jelly Bean (4.2) or higher, to address this vulnerability.