The vulnerability of the ConvertToComponentName function (DreamService.java) in Android operating systems allows a hacker to escalate their privileges or execute arbitrary code.

The vulnerability of the ConvertToComponentName function in DreamService.java on Android operating systems is related to the redirection of URLs to an unreliable website. Exploiting this vulnerability can allow attackers to escalate their privileges or execute arbitrary code...

CVE-2024-0015

In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-0015

CVE-2024-0015 affects the Android Framework via DreamService.java: convertToComponentName can be abused to launch arbitrary protected activities through intent redirection, enabling local elevation of privilege with low privileges and no user interaction required. Public references indicate this ...

PT-2024-4068 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to the ConvertToComponentName function in DreamService.java, which can be exploited due to intent redirection, potentially allowing an attacker to launch arbitrary...