Lucene search
HistoryMar 31, 2014 - 2:58 p.m.
CVE-2013-6768
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
51.6%
Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process program via a crafted PATH environment variable for a /system/xbin/su process.
Affected configurations
Node
koushik_duttasuperuserMatch1.0.2.1
googleandroidMatch1.0
ORgoogleandroidMatch1.1
ORgoogleandroidMatch1.5
ORgoogleandroidMatch1.6
ORgoogleandroidMatch2.0
ORgoogleandroidMatch2.0.1
ORgoogleandroidMatch2.1
ORgoogleandroidMatch2.2
ORgoogleandroidMatch2.2rev1
ORgoogleandroidMatch2.2.1
ORgoogleandroidMatch2.2.2
ORgoogleandroidMatch2.2.3
ORgoogleandroidMatch2.3
ORgoogleandroidMatch2.3rev1
ORgoogleandroidMatch2.3.1
ORgoogleandroidMatch2.3.2
ORgoogleandroidMatch2.3.3
ORgoogleandroidMatch2.3.4
ORgoogleandroidMatch2.3.5
ORgoogleandroidMatch2.3.6
ORgoogleandroidMatch2.3.7
ORgoogleandroidMatch3.0
ORgoogleandroidMatch3.1
ORgoogleandroidMatch3.2
ORgoogleandroidMatch3.2.1
ORgoogleandroidMatch3.2.2
ORgoogleandroidMatch3.2.4
ORgoogleandroidMatch3.2.6
ORgoogleandroidMatch4.0
ORgoogleandroidMatch4.0.1
ORgoogleandroidMatch4.0.2
ORgoogleandroidMatch4.0.3
ORgoogleandroidMatch4.0.4
ORgoogleandroidMatch4.1
ORgoogleandroidMatch4.1.2
ORgoogleandroidMatch4.2
ORgoogleandroidMatch4.2.1
ORgoogleandroidMatch4.2.2
References
Related
cvelist
cvelist
CVE-2013-6768
2014-03-30 10:00:00
prion
prion
Design/Logic Flaw
2014-03-31 14:58:00
cve
cve
CVE-2013-6768
2014-03-31 14:58:57
packetstorm
packetstorm
Android 4.2.x Superuser Unsanitized Environment
2013-11-14 00:00:00
securityvulns
securityvulns
Superuser unsanitized environment vulnerability on Android <= 4.2.x
2013-11-18 00:00:00
Android su applications privilege escalation
2013-11-18 00:00:00
zdt
zdt
Android 4.2.x Superuser Unsanitized Environment Vulnerability
2013-11-15 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.2 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
51.6%
Related for NVD:CVE-2013-6768